I had problems connecting with the FreeBSD openssh client to a Foundry BigIron gigabit switch running ssh 1.2.27, whereas I can connect fine to the same switch when using a locally-compiled OpenSSH 3.1p1.
The culprit is apparently the length of the version string sent by FreeBSD and received by the Foundry switch. If it is over 24 characters, the Foundry ssh daemon just sits there and hangs for a few minutes until it timeouts and closes the connection. If I shorten the client version string to be "OpenSSH_3.1 FreeBSD", everything works ok again. The closest thing to a standard description of the SSH1 protocol I could find is below. It clearly sets a upper limit of 40 characters for the "version" part of the identification string. This is lower than the 42 chars of "OpenSSH_3.1 FreeBSD localisations 20020318", but higher than the maximum of 24 character accepted by the Foundry implementation. So it looks like neither side is strictly compliant to something that's not really a standard anyway. It would be easier on me (and other Foundry switch users) and in the interest of interoperability with broken ssh implementations if the FreeBSD-specific string could be shortened (to at most 11 chars, which is exactly enough to put "des20020307" in there for example ;-), made user-configurable, or altogether removed. http://www.snailbook.com/docs/protocol-1.5.txt Protocol Version Identification After the socket is opened, the server sends an identification string, which is of the form "SSH-<protocolmajor>.<protocolminor>- <version>\n", where <protocolmajor> and <protocolminor> are integers and specify the protocol version number (not software distribution version). <version> is server side software version string (max 40 characters); it is not interpreted by the remote side but may be use- ful for debugging. Pierre To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message