[Bug 458364] New: Using openssh to connect to Juniper ScreenOS firewall fails
https://bugzilla.novell.com/show_bug.cgi?id=458364 Summary: Using openssh to connect to Juniper ScreenOS firewall fails Product: openSUSE 11.1 Version: Final Platform: x86-64 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: dbailey@datanetworks.com QAContact: qa@suse.de Found By: Third Party Developer/Partner I am running the following packages: openssl-0.9.8h-28.3 openssh-5.1p1-40.7 There is a type 80 message being passed at connection establishment time that is causing the connection with a Juniper firewall to fail. I have also reported the issue to Juniper technical assistance center. The firewall is correctly configured for SSH v2, and authentication is successful, but during connection establishment, the firewall receives an SSH message type 80 and aborts the connection. Juniper KBase Entry KB10753 Contains Details explaining that the firewalls do not support type 80 messages. http://kb.juniper.net/index?page=content&id=KB10753 Adding the following to the ~/.ssh/config file does not resolve the issue, and besides it is happening during connection establishment, not after a timeout period. Host * TCPKeepAlive no ServerAliveInterval 0 I've attached a verbose session establishment attempt and a firewall debug session. If you'd like to have the JTAC case number, please email me. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=458364
User dbailey@datanetworks.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c1
--- Comment #1 from David Bailey
https://bugzilla.novell.com/show_bug.cgi?id=458364
User dbailey@datanetworks.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c2
--- Comment #2 from David Bailey
https://bugzilla.novell.com/show_bug.cgi?id=458364
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c3
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=458364
User dbailey@datanetworks.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c4
--- Comment #4 from David Bailey
https://bugzilla.novell.com/show_bug.cgi?id=458364
User anicka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c5
Anna Bernathova
https://bugzilla.novell.com/show_bug.cgi?id=458364
User dbailey@datanetworks.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c6
--- Comment #6 from David Bailey
https://bugzilla.novell.com/show_bug.cgi?id=458364
User dbailey@datanetworks.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c7
David Bailey
https://bugzilla.novell.com/show_bug.cgi?id=458364
User dbailey@datanetworks.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=458364#c8
--- Comment #8 from David Bailey
participants (1)
-
bugzilla_noreply@novell.com