libnetconf2 icon indicating copy to clipboard operation
libnetconf2 copied to clipboard
verified publisher icon CESNET

ssh banner too large error

Open yoousra opened this issue 1 month ago • 1 comments

Hi,

Used versions:

libnetconf2-3.7.10 libssh-0.10.5 netopeer2-2.4.5 sysrepo-3.7.11 libyang-3.13.6

I have a question about the banner leaf used in the callhome over ssh: https://github.com/CESNET/libnetconf2/blob/v3.7.10/modules/libnetconf2-netconf-server%402025-06-02.yang#L284

In the .yang it says the max length is 247 characters, so I fill it with 247, but the callhome 'connect' fails with error:

Starting the SSH session failed (Receiving banner: too large banner).

When I print the final content of the banner used in libssh code, I see that it starts with SSH-2.0- and then the content I filled the leaf banner with, and then potentially some other characters (maybe the Carriage Return (CR) and the single Line Feed (LF) as mentioned here: https://datatracker.ietf.org/doc/html/rfc4253#section-4.2 section 4.2 ?), with in total over 255 characters = SSH-2.0- + my_banner + CR + LF (maybe?) which gives 257 characters if we calculate the CR and LF if I understand well, which exceeds 255 characters, hence the error.

But this is just the hypothesis I made, so I wanted to make sure, does libnetconf2 add SSH-2.0- (and other characters?) to the banner I give?

Thank you for your clarification.

yoousra avatar Dec 01 '25 17:12 yoousra

Hi, libnetconf2 does not add anything. It would seem that libssh adds SSH-2.0- (8 bytes) to the front and \r\n (2 bytes) to the end of every banner. So you are right, the max length in YANG should be changed from 247 to length "1..245".

Roytak avatar Dec 02 '25 03:12 Roytak