That looks legit to me, see rfc4253 section 5.2 5.2 <https://tools.ietf.org/html/rfc4253#section-5.2>. New Client, Old Server
Since the new client MAY immediately send additional data after its identification string (before receiving the server's identification string), the old protocol may already be corrupt when the client learns that the server is old. When this happens, the client SHOULD close the connection to the server, and reconnect using the old protocol. This implies that what you see is correct from a client point of view. Would it be possible to enable debug logging on the cisco server to get more traces ? 2017-11-02 9:38 GMT+01:00 Maroš Maršálek <[email protected]>: > Hello mina(sshd) devs, > > > > While using mina-sshd I ran into a possible issue. > > Basically, when connecting as a client to SSH server, session > initialization halts. The message exchange (observed by wireshark) looked > like this: > > > > Mina-SSHD-client -> SSH server SSH-2.0-... > > Mina-SSHD-client -> SSH server KEX_INIT > > SSH server -> Mina-SSHD-client SSH-2.0-Cisco-1.25 > > > > No further messages were exchanged. > > This does not always happen, if the timing is right and the message order > looks like: > > > > SSH-2.0... > > SSH-2.0-Cisco-1.25 > > KEX_INIT > > KEX_INIT > > > > ... the communication continues as expected. > > > > So my questions would be: > > Is that an issue ? Should the „SSH protocol identifiers“ be exchanged > first and only then KEX_INIT messages ? Is that message order valid by the > SSH protocol standards ? > > If so, can that be considered a possible issue in mina-sshd library and > should it wait to send KEX_INIT only after SSH protocol identifier was > received ? > > Or is this just a bug in this particular SSH server... > > > > I tested this with mina-sshd 1.16.0 and also 0.14 versions. > > The SSH server is part of Cisco IOSv software (version 15.5(3) and above). > > > > Regards, > > Maroš Maršalek > > *Software Engineer* > > > > Frinx s.r.o. > > Mlynské Nivy 48 / 821 09 Bratislava / Slovakia > <https://maps.google.com/?q=Mlynsk%C3%A9+Nivy+48+/+821+09+Bratislava+/+Slovakia&entry=gmail&source=g> > > +421 2 209 101 41 / [email protected] > <2%20209%20101%2041%20/%[email protected]> / *www.frinx.io > <http://www.frinx.io>* > > > > [image: cid:[email protected]] > > > -- ------------------------ Guillaume Nodet
