PuTTY and WinSSHD banner message problem
Matchstick
Advanced Server to Bitvise's WinSSHD (www.bitvise.com) and I've
noticed that the pre-login banner message is no longer being
displayed.
The message appeared when connecting to Cygwin/OpenSSH with PuTTY and
it still appears when I use the command line OpenSSH client or SSH's
Secure Shell client to connect to WinSSHD but not when I attempt to
connect WinSSHD with PuTTY.
So I was wondering if I'd just missed something somewhere or if this
was a known problem with Putty or WinSSHD and if it is whether there's
a work around.
Putty is v0.53b on Win98SE and Win2k, WinSSHD is v3.11 on Win2k
Advanced Server.
--
Matchstick
matchstick (at) oofg [dot] com
Simon Tatham
> So I was wondering if I'd just missed something somewhere or if this
> was a known problem with Putty or WinSSHD and if it is whether there's
> a work around.
This isn't a known problem, no; perhaps you'd like to post an SSH
packet log so I can see whether the banner is actually being sent or
not. (If you type any passwords you'll need to edit them out of the
log before posting it, but since everything of interest happens
before the login phase that shouldn't be a problem.)
--
Simon Tatham "Imagine what the world would be like if
<ana...@pobox.com> there were no hypothetical situations..."
Matchstick
says...
> Matchstick <hoyvpy...@spammotel.com> wrote:
> > So I was wondering if I'd just missed something somewhere or if this
> > was a known problem with Putty or WinSSHD and if it is whether there's
> > a work around.
>
> This isn't a known problem, no; perhaps you'd like to post an SSH
> packet log so I can see whether the banner is actually being sent or
> not. (If you type any passwords you'll need to edit them out of the
> log before posting it, but since everything of interest happens
> before the login phase that shouldn't be a problem.)
>
to reply)
Reading my previous message I may have been a little unclear about which
banner message I mean.
Just to be clear the one I'm referring to appears after the login name
is specified but before the password is entered.
Anyway, I've noticed that if the username is specified as part of the
host name (i.e user...@foobar.com) then the banner is displayed in
putty, but if the username isn't specified and is manually entered after
connecting to the server, the banner isnt displayed.
This is the packet log for a connection where the username is not
specified (a packet log where it is specified is available if you want)
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2003.11.20 12:00:00
=~=~=~=~=~=~=~=~=~=~=~=
Event Log: Writing new session log (SSH packets mode) to file: putty.log
Event Log: Looking up host "<munged>"
Event Log: Connecting to <munged> port <munged>
Event Log: Server version: SSH-2.0-1.35 sshlib: WinSSHD 3.11
Event Log: We claim version: SSH-2.0-PuTTY-Release-0.53b
Event Log: Using SSH protocol version 2
Incoming packet type 20 / 0x14 (SSH2_MSG_KEXINIT)
00000000 ac 94 a4 1a 38 cd 9a 2b ee e7 b0 53 9d 1e e5 5a ....8..
+...S...Z
00000010 00 00 00 1a 64 69 66 66 69 65 2d 68 65 6c 6c 6d ....diffie-
hellm
00000020 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 an-group1-
sha1..
00000030 00 07 73 73 68 2d 64 73 73 00 00 00 69 61 65 73 ..ssh-
dss...iaes
00000040 32 35 36 2d 63 62 63 2c 74 77 6f 66 69 73 68 32 256-
cbc,twofish2
00000050 35 36 2d 63 62 63 2c 74 77 6f 66 69 73 68 2d 63 56-
cbc,twofish-c
00000060 62 63 2c 61 65 73 31 32 38 2d 63 62 63 2c 74 77 bc,aes128-
cbc,tw
00000070 6f 66 69 73 68 31 32 38 2d 63 62 63 2c 62 6c 6f ofish128-
cbc,blo
00000080 77 66 69 73 68 2d 63 62 63 2c 33 64 65 73 2d 63 wfish-
cbc,3des-c
00000090 62 63 2c 61 72 63 66 6f 75 72 2c 63 61 73 74 31
bc,arcfour,cast1
000000a0 32 38 2d 63 62 63 00 00 00 69 61 65 73 32 35 36 28-
cbc...iaes256
000000b0 2d 63 62 63 2c 74 77 6f 66 69 73 68 32 35 36 2d -
cbc,twofish256-
000000c0 63 62 63 2c 74 77 6f 66 69 73 68 2d 63 62 63 2c
cbc,twofish-cbc,
000000d0 61 65 73 31 32 38 2d 63 62 63 2c 74 77 6f 66 69 aes128-
cbc,twofi
000000e0 73 68 31 32 38 2d 63 62 63 2c 62 6c 6f 77 66 69 sh128-
cbc,blowfi
000000f0 73 68 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c sh-
cbc,3des-cbc,
00000100 61 72 63 66 6f 75 72 2c 63 61 73 74 31 32 38 2d
arcfour,cast128-
00000110 63 62 63 00 00 00 2b 68 6d 61 63 2d 73 68 61 31 cbc...
+hmac-sha1
00000120 2c 68 6d 61 63 2d 6d 64 35 2c 68 6d 61 63 2d 73 ,hmac-
md5,hmac-s
00000130 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d ha1-
96,hmac-md5-
00000140 39 36 00 00 00 2b 68 6d 61 63 2d 73 68 61 31 2c 96...+hmac-
sha1,
00000150 68 6d 61 63 2d 6d 64 35 2c 68 6d 61 63 2d 73 68 hmac-
md5,hmac-sh
00000160 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 a1-96,hmac-
md5-9
00000170 36 00 00 00 09 7a 6c 69 62 2c 6e 6f 6e 65 00 00
6....zlib,none..
00000180 00 09 7a 6c 69 62 2c 6e 6f 6e 65 00 00 00 00 00
..zlib,none.....
00000190 00 00 00 00 00 00 00 00 ........
Outgoing packet type 20 / 0x14 (SSH2_MSG_KEXINIT)
00000000 27 76 57 11 8b c8 46 9b db 66 26 ed 92 83 ee e8
'vW...F..f&.....
00000010 00 00 00 3d 64 69 66 66 69 65 2d 68 65 6c 6c 6d ...=diffie-
hellm
00000020 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 an-group-
exchang
00000030 65 2d 73 68 61 31 2c 64 69 66 66 69 65 2d 68 65 e-
sha1,diffie-he
00000040 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 llman-
group1-sha
00000050 31 00 00 00 0f 73 73 68 2d 72 73 61 2c 73 73 68 1....ssh-
rsa,ssh
00000060 2d 64 73 73 00 00 00 82 61 65 73 32 35 36 2d 63 -
dss....aes256-c
00000070 62 63 2c 72 69 6a 6e 64 61 65 6c 32 35 36 2d 63
bc,rijndael256-c
00000080 62 63 2c 72 69 6a 6e 64 61 65 6c 2d 63 62 63 40
bc,rijndael-cbc@
00000090 6c 79 73 61 74 6f 72 2e 6c 69 75 2e 73 65 2c 61
lysator.liu.se,a
000000a0 65 73 31 39 32 2d 63 62 63 2c 72 69 6a 6e 64 61 es192-
cbc,rijnda
000000b0 65 6c 31 39 32 2d 63 62 63 2c 61 65 73 31 32 38 el192-
cbc,aes128
000000c0 2d 63 62 63 2c 72 69 6a 6e 64 61 65 6c 31 32 38 -
cbc,rijndael128
000000d0 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 -
cbc,blowfish-cb
000000e0 63 2c 33 64 65 73 2d 63 62 63 00 00 00 82 61 65 c,3des-
cbc....ae
000000f0 73 32 35 36 2d 63 62 63 2c 72 69 6a 6e 64 61 65 s256-
cbc,rijndae
00000100 6c 32 35 36 2d 63 62 63 2c 72 69 6a 6e 64 61 65 l256-
cbc,rijndae
00000110 6c 2d 63 62 63 40 6c 79 73 61 74 6f 72 2e 6c 69 l-
c...@lysator.li
00000120 75 2e 73 65 2c 61 65 73 31 39 32 2d 63 62 63 2c
u.se,aes192-cbc,
00000130 72 69 6a 6e 64 61 65 6c 31 39 32 2d 63 62 63 2c
rijndael192-cbc,
00000140 61 65 73 31 32 38 2d 63 62 63 2c 72 69 6a 6e 64 aes128-
cbc,rijnd
00000150 61 65 6c 31 32 38 2d 63 62 63 2c 62 6c 6f 77 66 ael128-
cbc,blowf
00000160 69 73 68 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 ish-
cbc,3des-cbc
00000170 00 00 00 17 68 6d 61 63 2d 73 68 61 31 2c 68 6d ....hmac-
sha1,hm
00000180 61 63 2d 6d 64 35 2c 6e 6f 6e 65 00 00 00 17 68 ac-
md5,none....h
00000190 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 mac-
sha1,hmac-md
000001a0 35 2c 6e 6f 6e 65 00 00 00 0e 6e 6f 6e 65 2c 7a
5,none....none,z
000001b0 6c 69 62 2c 6e 6f 6e 65 00 00 00 0e 6e 6f 6e 65
lib,none....none
000001c0 2c 7a 6c 69 62 2c 6e 6f 6e 65 00 00 00 00 00 00
,zlib,none......
000001d0 00 00 00 00 00 00 00 .......
Event Log: Doing Diffie-Hellman key exchange
Outgoing packet type 30 / 0x1e (SSH2_MSG_KEXDH_INIT)
00000000 00 00 00 81 00 a6 2d e7 02 05 d9 10 0a 34 73 84
......-......4s.
00000010 a6 cf 62 67 8b 17 d0 00 7e de cb 7a 03 89 43 ee ..bg....
~..z..C.
00000020 97 2f ee 19 ca 58 7f 77 52 56 f4 da 66 28 1d fe
./...X.wRV..f(..
00000030 ca 82 b0 73 19 3b 94 b7 39 23 dc 37 56 7c 17 2b ...s.;..9
#.7V|.+
00000040 52 55 4f 4d e2 02 fb 59 1b d7 fa 43 b7 31 a6 a6
RUOM...Y...C.1..
00000050 6a 94 e0 0d 91 a6 99 29 58 78 86 d9 ae d7 80 7c j......)
Xx.....|
00000060 27 02 2c 4f 58 9a b5 3d 02 c9 7a 9f b2 07 31 37 '.,OX..
=..z...17
00000070 29 aa af 19 78 f0 78 69 6f dd 22 8e 6e 81 7f 95
)...x.xio.".n...
00000080 02 16 d8 61 7e ...a~
Incoming packet type 31 / 0x1f (SSH2_MSG_KEXDH_REPLY)
00000000 00 00 01 b2 00 00 00 07 73 73 68 2d 64 73 73 00
........ssh-dss.
00000010 00 00 81 00 e4 16 0e c4 1f 6c 1d d9 97 eb 46 1b
.........l....F.
00000020 6c 76 38 22 db 6d b2 be 5e 0b b5 c7 69 c3 59 1c lv8".m..
^...i.Y.
00000030 51 3d 16 48 61 45 2b d6 18 3b 39 32 02 45 a8 58
Q=.HaE+..;92.E.X
00000040 4c 81 ae 68 13 65 10 97 85 5d 99 3f 82 ed c5 4e
L..h.e...].?...N
00000050 f3 c3 f5 2d b1 3d f8 7e 57 4d b3 54 f3 64 32 f1 ...-.=.
~WM.T.d2.
00000060 5e e7 78 02 a6 70 29 d4 7a af 3f e5 6a f9 1d ff
^.x..p).z.?.j...
00000070 5c db 3c ad bc 53 8d dc f2 c6 b8 5c 04 46 76 f2 \.<..S.....
\.Fv.
00000080 b4 05 d8 e3 ba 4d f0 97 7e 5e 76 7f df 4a 8c 32 .....M..
~^v..J.2
00000090 b2 ed a4 bd 00 00 00 15 00 ab 69 4a 8e c0 05 fe
..........iJ....
000000a0 42 af fd f3 f1 4f 7c eb 34 f8 31 63 47 00 00 00
B....O|.4.1cG...
000000b0 80 47 e3 a8 6e e2 d5 23 29 02 04 c3 6a 4c 78 42 .G..n..
#)...jLxB
000000c0 a3 08 dc 9f a8 71 5c 82 df 68 cd 41 e2 86 6b 9a .....q
\..h.A..k.
000000d0 b2 60 92 6f 40 13 09 90 b2 a9 c1 d8 18 9a 6f 00 .
`.o@.........o.
000000e0 e7 27 df 61 81 32 a5 39 13 aa 19 aa 75 7e 54 a8
.'.a.2.9....u~T.
000000f0 b0 e9 92 c9 7b e3 18 ec 81 a5 ec cd 72 c5 77 8d ....
{.......r.w.
00000100 f5 16 47 33 4d d1 b8 65 ab 36 26 e1 f3 ed 49 ab ..G3M..e.6
&...I.
00000110 fe 4f 2a c5 d0 62 e0 00 76 2d 62 ec 4c 67 6f ee .O*..b..v-
b.Lgo.
00000120 70 c7 2b 1a 7c cd 43 98 43 c5 2f 52 ba f6 9b af p.+.
|.C.C./R....
00000130 fe 00 00 00 81 00 c2 bd c6 7b f2 34 ac 27 30 05 .........
{.4.'0.
00000140 b0 5b 56 72 41 e6 63 45 9e 5c e4 57 e2 71 b2 00 .[VrA.cE.
\.W.q..
00000150 36 7c 17 bb b9 4f 64 07 00 74 2b b3 ab e2 6e f5 6
|...Od..t+...n.
00000160 3b d1 c2 11 5f cb d8 41 4f d4 96 1c b5 b6 37 3c ;...
_..AO.....7<
00000170 31 5d 52 01 35 cb e8 50 e5 27 47 96 93 e6 94 4d 1]
R.5..P.'G....M
00000180 e2 d4 90 35 83 08 90 66 85 aa 40 d5 b7 b6 a9 de ...5...f..
@.....
00000190 dd 17 b6 59 dd 8e ce 5e 62 fd 08 96 85 56 2d de ...Y...
^b....V-.
000001a0 4b da 07 98 ac 24 64 6c af 3a 00 cf 99 4a ec 61 K....
$dl.:...J.a
000001b0 a3 a1 1a cf 51 53 00 00 00 80 34 d4 c5 6e 2b fa
....QS....4..n+.
000001c0 24 0c 31 0d 11 ed 7e 46 9e f1 bc 4c e6 c9 06 25 $.1...
~F...L...%
000001d0 8c 03 cf 26 e5 1d b5 74 45 61 95 e8 4b 79 be 43 ...
&...tEa..Ky.C
000001e0 83 6e d3 06 39 4a af 21 bf 62 5a e2 05 02 38 27
.n..9J.!.bZ...8'
000001f0 e1 82 e3 86 63 9c 50 b3 41 58 6a 1d 03 f4 c6 ba
....c.P.AXj.....
00000200 d2 db 09 b6 99 fd 13 39 0e ac f0 c8 de 4c 39 19
.......9.....L9.
00000210 8a 45 a9 e9 25 e6 be 1a 34 89 f6 38 be 00 16 7c
.E..%...4..8...|
00000220 85 93 57 7d ce 26 c6 43 4b 22 0b fd 5f 3c 4d 26 ..W}.
&.CK".._<M&
00000230 78 e9 b5 1e 23 44 48 dd b1 14 00 00 00 37 00 00 x...
#DH......7..
00000240 00 07 73 73 68 2d 64 73 73 00 00 00 28 77 16 a8 ..ssh-
dss...(w..
00000250 b3 fd ff 14 fc f5 67 17 c1 a2 a6 37 8a 1e 48 22
......g....7..H"
00000260 17 9f 27 d1 93 d6 67 cc 68 a2 a9 56 8f 52 1f 06
..'...g.h..V.R..
00000270 b0 db 9e 33 bd ...3.
Event Log: Host key fingerprint is:
Event Log: ssh-dss 1024 f9:23:e4:b3:0e:ad:5e:f2:7f:28:f5:c5:9c:cc:ac:55
Outgoing packet type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Incoming packet type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Event Log: Initialised AES-256 client->server encryption
Event Log: Initialised AES-256 server->client encryption
Outgoing packet type 5 / 0x05 (SSH2_MSG_SERVICE_REQUEST)
00000000 00 00 00 0c 73 73 68 2d 75 73 65 72 61 75 74 68 ....ssh-
userauth
Incoming packet type 6 / 0x06 (SSH2_MSG_SERVICE_ACCEPT)
00000000 00 00 00 0c 73 73 68 2d 75 73 65 72 61 75 74 68 ....ssh-
userauth
Incoming packet type 53 / 0x35 (SSH2_MSG_USERAUTH_BANNER)
00000000 00 00 04 bc 0d 0a 20 20 20 20 20 20 20 20 20 20 ......
00000010 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
00000020 20 20 2a 2a 2a 2a 55 53 41 47 45 20 57 41 52 4e ****USAGE
WARN
00000030 49 4e 47 2a 2a 2a 2a 0d 0a 0d 0a 54 68 69 73 20
ING****....This
00000040 69 73 20 61 20 70 72 69 76 61 74 65 20 63 6f 6d is a
private com
00000050 70 75 74 65 72 20 73 79 73 74 65 6d 2e 20 54 68 puter
system. Th
00000060 69 73 20 63 6f 6d 70 75 74 65 72 20 73 79 73 74 is computer
syst
00000070 65 6d 2c 20 69 6e 63 6c 75 64 69 6e 67 20 61 6c em,
including al
00000080 6c 0d 0a 72 65 6c 61 74 65 64 20 65 71 75 69 70 l..related
equip
00000090 6d 65 6e 74 2c 20 6e 65 74 77 6f 72 6b 73 2c 20 ment,
networks,
000000a0 61 6e 64 20 6e 65 74 77 6f 72 6b 20 64 65 76 69 and network
devi
000000b0 63 65 73 20 28 73 70 65 63 69 66 69 63 61 6c 6c ces
(specificall
000000c0 79 20 69 6e 63 6c 75 64 69 6e 67 0d 0a 49 6e 74 y
including..Int
000000d0 65 72 6e 65 74 20 61 63 63 65 73 73 29 20 61 72 ernet
access) ar
000000e0 65 20 70 72 6f 76 69 64 65 64 20 6f 6e 6c 79 20 e provided
only
000000f0 66 6f 72 20 61 75 74 68 6f 72 69 7a 65 64 20 75 for
authorized u
00000100 73 65 2e 20 54 68 69 73 20 63 6f 6d 70 75 74 65 se. This
compute
00000110 72 20 73 79 73 74 65 6d 0d 0a 6d 61 79 20 62 65 r
system..may be
00000120 20 6d 6f 6e 69 74 6f 72 65 64 20 66 6f 72 20 61 monitored
for a
00000130 6c 6c 20 6c 61 77 66 75 6c 20 70 75 72 70 6f 73 ll lawful
purpos
00000140 65 73 2c 20 69 6e 63 6c 75 64 69 6e 67 20 74 6f es,
including to
00000150 20 65 6e 73 75 72 65 20 74 68 61 74 20 69 74 73 ensure
that its
00000160 20 75 73 65 0d 0a 69 73 20 61 75 74 68 6f 72 69 use..is
authori
00000170 7a 65 64 2c 20 66 6f 72 20 6d 61 6e 61 67 65 6d zed, for
managem
00000180 65 6e 74 20 6f 66 20 74 68 65 20 73 79 73 74 65 ent of the
syste
00000190 6d 2c 20 74 6f 20 66 61 63 69 6c 69 74 61 74 65 m, to
facilitate
000001a0 20 70 72 6f 74 65 63 74 69 6f 6e 20 61 67 61 69 protection
agai
000001b0 6e 73 74 0d 0a 75 6e 61 75 74 68 6f 72 69 7a 65
nst..unauthorize
000001c0 64 20 61 63 63 65 73 73 2c 20 61 6e 64 20 74 6f d access,
and to
000001d0 20 76 65 72 69 66 79 20 73 65 63 75 72 69 74 79 verify
security
000001e0 20 70 72 6f 63 65 64 75 72 65 73 2c 20 73 75 72
procedures, sur
000001f0 76 69 76 61 62 69 6c 69 74 79 2c 20 61 6e 64 0d vivability,
and.
00000200 0a 6f 70 65 72 61 74 69 6f 6e 61 6c 20 73 65 63
.operational sec
00000210 75 72 69 74 79 2e 20 4d 6f 6e 69 74 6f 72 69 6e urity.
Monitorin
00000220 67 20 69 6e 63 6c 75 64 65 73 20 61 63 74 69 76 g includes
activ
00000230 65 20 61 74 74 61 63 6b 73 20 62 79 20 61 75 74 e attacks
by aut
00000240 68 6f 72 69 7a 65 64 20 65 6e 74 69 74 69 65 73 horized
entities
00000250 0d 0a 74 6f 20 74 65 73 74 20 6f 72 20 76 65 72 ..to test
or ver
00000260 69 66 79 20 74 68 65 20 73 65 63 75 72 69 74 79 ify the
security
00000270 20 6f 66 20 74 68 69 73 20 73 79 73 74 65 6d 2e of this
system.
00000280 20 44 75 72 69 6e 67 20 6d 6f 6e 69 74 6f 72 69 During
monitori
00000290 6e 67 2c 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 0d ng,
information.
000002a0 0a 6d 61 79 20 62 65 20 65 78 61 6d 69 6e 65 64 .may be
examined
000002b0 2c 20 72 65 63 6f 72 64 65 64 2c 20 63 6f 70 69 , recorded,
copi
000002c0 65 64 20 61 6e 64 20 75 73 65 64 20 66 6f 72 20 ed and used
for
000002d0 61 75 74 68 6f 72 69 7a 65 64 20 70 75 72 70 6f authorized
purpo
000002e0 73 65 73 2e 20 41 6c 6c 0d 0a 69 6e 66 6f 72 6d ses.
All..inform
000002f0 61 74 69 6f 6e 2c 20 69 6e 63 6c 75 64 69 6e 67 ation,
including
00000300 20 70 65 72 73 6f 6e 61 6c 20 69 6e 66 6f 72 6d personal
inform
00000310 61 74 69 6f 6e 2c 20 70 6c 61 63 65 64 20 6f 72 ation,
placed or
00000320 20 73 65 6e 74 20 6f 76 65 72 20 74 68 69 73 20 sent over
this
00000330 73 79 73 74 65 6d 0d 0a 6d 61 79 20 62 65 20 6d system..may
be m
00000340 6f 6e 69 74 6f 72 65 64 2e 0d 0a 0d 0a 55 73 65
onitored.....Use
00000350 20 6f 66 20 74 68 69 73 20 63 6f 6d 70 75 74 65 of this
compute
00000360 72 20 73 79 73 74 65 6d 2c 20 61 75 74 68 6f 72 r system,
author
00000370 69 7a 65 64 20 6f 72 20 75 6e 61 75 74 68 6f 72 ized or
unauthor
00000380 69 7a 65 64 2c 20 63 6f 6e 73 74 69 74 75 74 65 ized,
constitute
00000390 73 20 63 6f 6e 73 65 6e 74 0d 0a 74 6f 20 6d 6f s
consent..to mo
000003a0 6e 69 74 6f 72 69 6e 67 20 6f 66 20 74 68 69 73 nitoring of
this
000003b0 20 73 79 73 74 65 6d 2e 20 55 6e 61 75 74 68 6f system.
Unautho
000003c0 72 69 7a 65 64 20 75 73 65 20 6d 61 79 20 73 75 rized use
may su
000003d0 62 6a 65 63 74 20 79 6f 75 20 74 6f 20 63 72 69 bject you
to cri
000003e0 6d 69 6e 61 6c 0d 0a 70 72 6f 73 65 63 75 74 69
minal..prosecuti
000003f0 6f 6e 2e 20 45 76 69 64 65 6e 63 65 20 6f 66 20 on.
Evidence of
00000400 75 6e 61 75 74 68 6f 72 69 7a 65 64 20 75 73 65
unauthorized use
00000410 20 63 6f 6c 6c 65 63 74 65 64 20 64 75 72 69 6e collected
durin
00000420 67 20 6d 6f 6e 69 74 6f 72 69 6e 67 20 6d 61 79 g
monitoring may
00000430 20 62 65 0d 0a 75 73 65 64 20 66 6f 72 20 61 64 be..used
for ad
00000440 6d 69 6e 69 73 74 72 61 74 69 76 65 2c 20 63 72
ministrative, cr
00000450 69 6d 69 6e 61 6c 2c 20 6f 72 20 6f 74 68 65 72 iminal, or
other
00000460 20 61 64 76 65 72 73 65 20 61 63 74 69 6f 6e 2e adverse
action.
00000470 20 55 73 65 20 6f 66 20 74 68 69 73 20 73 79 73 Use of
this sys
00000480 74 65 6d 0d 0a 63 6f 6e 73 74 69 74 75 74 65 73
tem..constitutes
00000490 20 63 6f 6e 73 65 6e 74 20 74 6f 20 6d 6f 6e 69 consent to
moni
000004a0 74 6f 72 69 6e 67 20 66 6f 72 20 74 68 65 73 65 toring for
these
000004b0 20 70 75 72 70 6f 73 65 73 2e 0d 0a 0d 0a 0d 0a
purposes.......
000004c0 00 00 00 00 ....
Outgoing packet type 50 / 0x32 (SSH2_MSG_USERAUTH_REQUEST)
00000000 00 00 00 08 6e 6f 74 61 75 73 65 72 00 00 00 0e
....notauser....
00000010 73 73 68 2d 63 6f 6e 6e 65 63 74 69 6f 6e 00 00 ssh-
connection..
00000020 00 04 6e 6f 6e 65 ..none
Incoming packet type 51 / 0x33 (SSH2_MSG_USERAUTH_FAILURE)
00000000 00 00 00 12 70 75 62 6c 69 63 6b 65 79 2c 70 61
....publickey,pa
00000010 73 73 77 6f 72 64 00 ssword.
Hope this is of some use and thanks for your help on this.
Cheers
Paul
--
Contact Address matchstick a t oofg d o t com
"The wages of sin are death... but the hours are good and the perks are
fantastic."
Simon Tatham
> Anyway, I've noticed that if the username is specified as part of the
> host name (i.e user...@foobar.com) then the banner is displayed in
> putty, but if the username isn't specified and is manually entered after
> connecting to the server, the banner isnt displayed.
Hmmm. Yes, now I can see the problem: PuTTY accidentally drops the
USERAUTH_BANNER message if it comes in while it's waiting for user
name input. I never noticed this before because I tested against
OpenSSH, which doesn't _send_ the banner until after the first
(unauthenticated) login attempt.
I'll add this to the wish list as a known bug, and I might fix it
soon if I can find time. Sorry about that.
--
Simon Tatham "You may call that a cheap shot.
<ana...@pobox.com> I prefer to think of it as good value."
Matchstick
says...
> Hmmm. Yes, now I can see the problem: PuTTY accidentally drops the
> USERAUTH_BANNER message if it comes in while it's waiting for user
> name input. I never noticed this before because I tested against
> OpenSSH, which doesn't _send_ the banner until after the first
> (unauthenticated) login attempt.
>
> I'll add this to the wish list as a known bug, and I might fix it
> soon if I can find time. Sorry about that.
Not a problem... just wondering really if I'd screwed something up :)
Cheers for your help.