Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Secure Shell

Reply
 
Thread Tools Display Modes
  #1  
Old 05-28-2019, 06:29 PM
rs919 rs919 is offline
Registered User
 
Join Date: May 2019
Posts: 1
SecureCRT and SSLH

I need to connect to an SSH server that is running SSLH - a system where HTTPS and SSH both run on port 443. When a client connects, SSLH waits a few seconds to see if the client is going to be the first to send data. Under normal circumstances in an HTTPS connection, the client sends the first piece of data, and in an SSH connection, the server sends the first piece of data. Basically, the client has 5 seconds to initiate SSL negotiation, and if it doesn't, SSLH decides this must be an SSH connection, and it bumps the connection over to the SSH server.

This works with Putty, but it doesn't work with SecureCRT.

Here's what I see in WireShark using Putty, where Putty allows the server to send data first:

<5 second pause after TCP connection>
Server sends: SSH-2.0-OpenSSH_6.4
Client sends: SSH-2.0-PuTTY-Release-0.55
Here's what I see in WireShark using SecureCRT, where SecureCRT immediately sends data after the TCP session connects:

<No pause after TCP connection>
Client sends: SSH-2.0-SecureCRT_8.5.3 (x64 build 1867)


Is there a way to suppress this? I've checked RFC 4253 (SSH) - it just says both server and client must send Protocol Version information, it doesn't say who sends first. In other words, SSLH isn't up to spec with the RFC. Of course, that doesn't help with the fact that Putty is ugly and SecureCRT is my preferred client. I have no control over the server, so no help there, either. Also, I need to connect to this server, so just choosing not to connect isn't an option.
Reply With Quote
  #2  
Old 05-29-2019, 09:33 AM
jpellegrini jpellegrini is offline
Registered User
 
Join Date: Mar 2019
Posts: 20
Unfortunately, this is not currently available in SecureCRT.

However, I have added this forum post to a feature request to implement the SSHL functionality. If/when this is ever implemented, we will post here to let you know.

Thanks!
__________________
Thanks,
--Jon

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 11:33 PM.