On Jun 17, 2020, at 4:12 PM, Noah <noah@xxxxxxxx> wrote: > I could not find anything in the mailing list archive or bug tracker. > > In ssh2.h, the value (4) is re-used > > 148 #define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED 3 > 149 #define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED 4 > 150 #define SSH2_DISCONNECT_RESERVED 4 > 151 #define SSH2_DISCONNECT_MAC_ERROR 5 > > > Is this intentional? It looks like it is. The Internet Draft draft-ietf-secsh-transport up through version 6 defines DISCONNECT_HOST_AUTHENTICATION_FAILED as the value 4, but version 7 and later of the draft and RFC 4253 (which is what that draft eventually turned into) seems to redefine it as DISCONNECT_RESERVED. Here’s a diff between versions 6 and 7 where you can see the change: https://tools.ietf.org/rfcdiff?url2=draft-ietf-secsh-transport-07.txt <https://tools.ietf.org/rfcdiff?url2=draft-ietf-secsh-transport-07.txt> There isn’t any text added which explains this change, and I don’t see any discussion online about this, but it would appear that DISCONNECT_HOST_AUTHENTICATION_FAILED should not be used. -- Ron Frederick ronf@xxxxxxxxxxxxx _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
