(Maybe this is a re-posting: sorry for that.)

a SonicWALL appliance that protects my servers' LAN has suddenly begun to
refuse OpenSSH connections with the following message:

'SSH 2.0 Overly Long Protocol Version Exchange String, SID: 3696,
Priority: High - This signature detects overly long "Protocol Version
string in SSH 2.0. The maximum length of the string, defined in RFC 4253,
is 255 bytes.'

Sniffing IP packets during a connection, I found that the problem is
not the string
length, but the string terminator: Version Exchange String does not end
with CR LF (RFC 4253, section "4.2. Protocol Version Exchange"), but with
CR only.

I tried two different client versions, with the same result:

Openssh V3.8.1p1 (Debian stable package ssh 3.8.1p1-8.sarge.4)
Openssh V4.3p2 (Debian testing package openssh-client 4.3p2-3)

Is (portable) OpenSSH compliant with RFC 4253? Is it a bug fixed in V4.4?
Are Debian packages not compliant with (portable) OpenSSH official packages?
Did anybody experience something like this?

Thanks in advance,

Paolo Vicario,
Centro Servizi Informatici e Telematici (CSIT)
Universita' degli Studi di Udine
e-mail: paolo.vicario at uniud.it

SEMEL (SErvizio di Messaging ELettronico) - CSIT -Universita' di Udine

openssh-unix-dev mailing list