On Tue, Jul 28, 2015 at 04:20:34PM +0000, Kash, Howard M CIV USARMY ARL (US) wrote: > > Turns out the problem is the new protocol extension for sending host keys > to > > the client after user authentication (section 2.5 of the PROTOCOLS > > document). Commenting out the notify_hostkeys() call in sshd.c fixes the > > issues with Cisco scp. Maybe a new bug compatibility flag in on order to > > add to the "Cisco-1.*" client string that was added in 6.9? > > There's already a flag... just need to add SSH_BUG_HOSTKEYS to "Cisco-1.*" > in compat.c. Like so? Index: compat.c =================================================================== RCS file: /cvs/src/usr.bin/ssh/compat.c,v retrieving revision 1.95 diff -u -p -r1.95 compat.c --- compat.c 13 Jul 2015 04:57:14 -0000 1.95 +++ compat.c 28 Jul 2015 23:22:07 -0000 @@ -150,7 +150,7 @@ compat_datafellows(const char *version) "1.2.22*", SSH_BUG_IGNOREMSG }, { "1.3.2*", /* F-Secure */ SSH_BUG_IGNOREMSG }, - { "Cisco-1.*", SSH_BUG_DHGEX_LARGE }, + { "Cisco-1.*", SSH_BUG_DHGEX_LARGE|SSH_BUG_HOSTKEYS }, { "*SSH Compatible Server*", /* Netscreen */ SSH_BUG_PASSWORDPAD }, { "*OSU_0*," -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev