Incorrect protocol implementation by OpenSSH?



I am testing against an embedded SSH server that does not allow
clients to execute commands other than through an interactive shell. That
is, when the server receives an SSH_MSG_CHANNEL_REQUEST message to
execute commands, the server replies with SSH_MSG_CHANNEL_FAILURE. The
issue that I am encountering is that OpenSSH (at least version 4.1 does)
sends an SSH_MSG_UNIMPLEMENTED message in reply.

Why? I can't believe that OpenSSH does not implement
SSH_MSG_CHANNEL_FAILURE message processing - this message is most
certainly contemplated in the standard. It is true that the
SSH_MSG_CHANNEL_REQUEST message sent by the OpenSSH client contains a 0
byte in the want-reply field. However, my interpretation of the relevant
portion of the standard (RFC 4254, section 5.4) is that the server should
send an SSH_MSG_CHANNEL_FAILURE message in this case regardless of the
contents of the want-reply field.

Is this not the correct interpretation? The PuTTY client (at
least version 0.60) does seem to agree, for it just terminates the
connection at that point without sending any SSH_MSG_UNIMPLEMENTED
messages.

.



Relevant Pages

  • Announce: OpenSSH 4.2 released
    ... OpenSSH 4.2 has just been released. ... implementation and includes sftp client and server support. ...
    (SSH)
  • Announce: OpenSSH 4.3 released
    ... OpenSSH 4.3 has just been released. ... implementation and includes sftp client and server support. ...
    (SSH)
  • Re: openssh + putty interoperability
    ... > OpenSSH to a combination of Dropbear (presumably server) and PuTTY ... > (presumably client); so where does OpenSSH come into the question? ...
    (comp.security.ssh)
  • Re: Incorrect protocol implementation by OpenSSH?
    ... when the server receives an SSH_MSG_CHANNEL_REQUEST message to ... SSH_MSG_CHANNEL_REQUEST message sent by the OpenSSH client contains a 0 ... OpenSSH client is not. ... single command lines. ...
    (comp.security.ssh)
  • Re: OpenSSH_3.5p1 server, PC clients cannot connect
    ... This is a new installation of OpenSSH on this server. ... Here are some additional notes from the logs, and from the client side: ... dies immediately after this DEBUG log entry: ...
    (SSH)