Thank you for this explanation. I am starting to research ssh trends in auth logs, but the duplicate value broke my PK in this table. So I now know which to go with. Thanks, Noah Zalev On Wed, 17 Jun 2020 17:51:38 -0700 Ron Frederick <ronf@xxxxxxxxxxxxx> wrote: > On Jun 17, 2020, at 4:12 PM, Noah <noah@xxxxxxxx> wrote: > > I could not find anything in the mailing list archive or bug tracker. > > > > In ssh2.h, the value (4) is re-used > > > > 148 #define SSH2_DISCONNECT_KEY_EXCHANGE_FAILED 3 > > 149 #define SSH2_DISCONNECT_HOST_AUTHENTICATION_FAILED 4 > > 150 #define SSH2_DISCONNECT_RESERVED 4 > > 151 #define SSH2_DISCONNECT_MAC_ERROR 5 > > > > > > Is this intentional? > > > It looks like it is. The Internet Draft draft-ietf-secsh-transport up through version 6 defines DISCONNECT_HOST_AUTHENTICATION_FAILED as the value 4, but version 7 and later of the draft and RFC 4253 (which is what that draft eventually turned into) seems to redefine it as DISCONNECT_RESERVED. Here’s a diff between versions 6 and 7 where you can see the change: https://tools.ietf.org/rfcdiff?url2=draft-ietf-secsh-transport-07.txt <https://tools.ietf.org/rfcdiff?url2=draft-ietf-secsh-transport-07.txt> > > There isn’t any text added which explains this change, and I don’t see any discussion online about this, but it would appear that DISCONNECT_HOST_AUTHENTICATION_FAILED should not be used. > -- > Ron Frederick > ronf@xxxxxxxxxxxxx > > > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
