#11 Bug found when Connecting to Cisco Devices

open
nobody
None
5
2014-08-17
2004-12-15
Jason Jeffords
No

Using the latest code release I was unable to connect
to a Cisco switch. After some analysis (using a
protocol analyzer) I discovered the problem.

When sending the SSH version identifier the following
code is used (from Session::connect(int)):

io.put(V_C, 0, V_C.length);
io.put("\n".getBytes(), 0, 1);

What is not obvious is each of these lines causes a
flush to the underlying stream. This causes the
version code and newline to be recieved in two messages
at the far end.

While many SSH server implementations handle this
properly it looks like Cisco does not. There are
probably other SSH servers that will have this problem
as well.

I tested a simple fix by defining the following sybol
and turning the above two lines into a single call as
follows:

private byte[] V_C_N = ("SSH-2.0-" + version +
"\n").getBytes(); // client version plus newline

io.put(V_C_N, 0, V_C_N.length);

This works :)

I just wanted to let you know about this fix so you can
put it in the baseline if you wish.

Discussion