version 1.53, 2023/12/20 00:06:25 |
version 1.54, 2024/01/08 04:10:03 |
|
|
name in a peer's KEXINIT packet, it MUST make the following changes to |
name in a peer's KEXINIT packet, it MUST make the following changes to |
the protocol: |
the protocol: |
|
|
a) During initial KEX, terminate the connection if any unexpected or |
a) During initial KEX, terminate the connection if out-of-sequence |
out-of-sequence packet is received. This includes terminating the |
packet or any message that is not strictly required by KEX is |
connection if the first packet received is not SSH2_MSG_KEXINIT. |
received. This includes terminating the connection if the first |
Unexpected packets for the purpose of strict KEX include messages |
packet received is not SSH2_MSG_KEXINIT. Unexpected packets for |
that are otherwise valid at any time during the connection such as |
the purpose of strict KEX include messages that are otherwise |
SSH2_MSG_DEBUG and SSH2_MSG_IGNORE. |
valid at any time during the connection such as SSH2_MSG_DEBUG, |
|
SSH2_MSG_IGNORE or SSH2_MSG_UNIMPLEMENTED. |
b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the |
b) After sending or receiving a SSH2_MSG_NEWKEYS message, reset the |
packet sequence number to zero. This behaviour persists for the |
packet sequence number to zero. This behaviour persists for the |
duration of the connection (i.e. not just the first |
duration of the connection (i.e. not just the first |