Re: openssh 4.2p1 zlib compression broken for old clients
This is a discussion on Re: openssh 4.2p1 zlib compression broken for old clients within the OpenSSH Development forums, part of the Networking and Network Related category; On Wed Oct 26 10:06:55 2005, Harald Koenig wrote: > > Hello OpenSSH developers, > > openssh 4....
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
10-26-2005
|
|||
|
|||
Re: openssh 4.2p1 zlib compression broken for old clients
On Wed Oct 26 10:06:55 2005, Harald Koenig wrote:
> > Hello OpenSSH developers, > > openssh 4.2p1 breaks old openssh clients up to 3.4p1 when they try to use compression: > This is spelt out pretty clearly in the ChangeLog for 4.2p1 and (if I recall correctly) in the release announcement on this list. Admittedly, the sshd_config(5) man page does not appear to call out this issue. Set Compression=yes in your sshd_config and the old clients should behave. > # ssh-3.4p1 -C remote-host-with-4.2p1 pwd > no matching comp found: client zlib server none,zlib@openssh.com > > option "-vv" shows > > ... > debug2: kex_parse_kexinit: zlib > ... > debug2: kex_parse_kexinit: none,zlib@openssh.com > ... > debug2: mac_init: found hmac-md5 > no matching comp found: client zlib server none,zlib@openssh.com > > using the small patch below makes the old ssh clients happy again with option "-C" > > > ------------------------------------------------------------------------------- > --- openssh-4.2p1/sshd.c~ 2005-10-05 17:58:21.000000000 +0200 > +++ openssh-4.2p1/sshd.c 2005-10-26 18:17:44.000000000 +0200 > @@ -2014,7 +2014,7 @@ > myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; > } else if (options.compression == COMP_DELAYED) { > myproposal[PROPOSAL_COMP_ALGS_CTOS] = > - myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; > + myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com,zlib"; > } > > myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); > ------------------------------------------------------------------------------- > > > Harald Koenig > > PS: yes I know about the security issues using such old ssh clients, but it's > only used in fairly protected small internal customer networks, and the customer > insists not to change anything in those environments running the old ssh clients... > (the surrounding environment is pretty well maintained which is the reason for > the 4.2p1 sshd;-) > -- > "I hope to die ___ _____ > before I *have* to use Microsoft Word.", 0--,| /OOOOOOO\ > Donald E. Knuth, 02-Oct-2001 in Tuebingen. <_/ / /OOOOOOOOOOO\ > \ \/OOOOOOOOOOOOOOO\ > \ OOOOOOOOOOOOOOOOO|// > Harald Koenig \/\/\/\/\/\/\/\/\/ > science+computing ag // / \\ \ > koenig@science-computing.de ^^^^^ ^^^^^ > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@mindrot.org > http://www.mindrot.org/mailman/listi...enssh-unix-dev > -- Iain Morgan _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org http://www.mindrot.org/mailman/listi...enssh-unix-dev 
|
Linear Mode
