Forum

ver 3.00 and Solari...
 
Notifications
Clear all

ver 3.00 and Solaris 9 SSH

0 Posts
3 Users
0 Reactions
291 Views
(@Diacritical)
Eminent Member
Joined: 21 years ago
Posts: 13
Topic starter  

FWIW -- the stock version of SSH2 that comes with Solaris 9 freezes up with ver 3.00 after a few minutes. This was not a problem with the prior version of AbsoluteTelnet. I suspect version 3.00 is more compliant with the standard since updating to the latest OpenSSL and OpenSSH has fixed the problem.

[size=1][ February 07, 2004, 11:45 PM: Message edited by: Brian T. Pence ][/size]


   
ReplyQuote
(@bpence)
Member Admin
Joined: 12 months ago
Posts: 1375
 

I don't suppose you know what version SSH it had before you upgraded?


   
ReplyQuote
(@Diacritical)
Eminent Member
Joined: 21 years ago
Posts: 13
Topic starter  

From the executable: "SSH-2.0-Sun_SSH_1.0"

I think that was two revisions before it reached "ancient."


   
ReplyQuote
(@bpence)
Member Admin
Joined: 12 months ago
Posts: 1375
 

Found this online:

" Akop Pogosian wrote:

You don't want to use the Solaris SSH even on Solaris 9. The Solaris 9 SSH, at least the version in the FCS release, is based on a really old version of OpenSSH. Telneting to port 22 reports: SSH-2.0-Sun_SSH_1.0 I'd really doubt there is a huge difference between the Solaris 9 SSH and the version of openssh that it was based on, except that Sun obviously won't provide support for the standard OpenSSH. However, the version of OpenSSH that they're using is very old. It was one of the first openssh versions that supported SSH2 protocol and has lots of nasty, well known usability bugs which have been fixed in later versions (the infamous problem with session rekeying and SSH Communications SSH2 client comes to mind, but there were many others) In fact, as people start complaining about those, I suspect Sun will find it easier just to upgrade to the latest OpenSSH than fix them all in this old source tree,

-akop"


   
ReplyQuote
(@twe)
New Member
Joined: 22 years ago
Posts: 1
 

same frozen terminal problem after about 2 minutes of connect time using absolute telnet v3 SSH-2.0.1.36 sshlib: Absolute on an XP with latest updates to a freebsd box running SSH-1.99-OpenSSH_2.3.0

i wish i could downgrade absolute telnet to the previous v2 for a while until the freebsd box can be upgraded


   
ReplyQuote
(@bpence)
Member Admin
Joined: 12 months ago
Posts: 1375
 

Can anyone give me access to an Solaris 9 box with the old SSH so I can do some compatibility testing?


   
ReplyQuote
(@bpence)
Member Admin
Joined: 12 months ago
Posts: 1375
 

I've been trying out old versions of OpenSSH to try to reproduce this bug. I've tried 2.3.0p1, which worked just fine. Then, 2.1.1p4 which I couldn't even log in. If you can get me access to your server, I may be able to diagnose this, but I haven't been able to reproduce this problem here. Really, I'm not sure it's much use trying to debug, as newer versions of the ssh server do not exhibit this problem. I'd be willing to give it a try, though.

Brian Pence
Celestial Software


   
ReplyQuote
(@bpence)
Member Admin
Joined: 12 months ago
Posts: 1375
 

Thanks to PEGLabs in the final diagnosis of this!!!

The problem is indeed a bug in older versions of OpenSSH triggered by a new feature of AbsoluteTelnet!

According to the SSH documentation, new encryption keys should be generated after every gigabyte of data or after 1 hour elapsed time, whichever comes first. AbsoluteTelnet v3.00 attempts to renegotiate new keys after one hour of connect time, and this throws older OpenSSH servers for a loop!! Newer servers are more compliant and expect the negotiation to occur, so no problems there.

For now, I've created a new beta that disables the key re-negotiation entirely. Most likely, I'll make it optional in the production release of 3.11, but the default will be OFF.

You can download the beta here:

[url= http://www.celestialsoftware.net/telnet/beta_software.html ]http://www.celestialsoftware.net/telnet/beta_software.html[/url]


   
ReplyQuote
Share: