openssh bugs - Jul 2023 - [Bug 3590] New: Why is the service name in the USERAUTH REQUEST message "ssh-connect" instead of "ssh-userauth"?

https://bugzilla.mindrot.org/show_bug.cgi?id=3590

            Bug ID: 3590
           Summary: Why is the service name in the USERAUTH REQUEST
                    message "ssh-connect" instead of
"ssh-userauth"?
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: All
            Status: NEW
          Severity: trivial
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: rmsh1216 at 163.com

As mentioned in Section 4.7 of RFC2450, the'service name' is used to
describe a protocol layer. as we all know, the USERAUTH REQUEST
messages belong to the authentication protocol layer. 
According to my understanding, the service name in the message should
be "ssh-userauth" instead of "ssh-connection". I looked up
the code of
openssh and other SSH software. The service names in the USERAUTH
REQUEST messages are all "ssh-connection". I think I misunderstood the
meaning of service name. Can you tell me the reason?

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

https://bugzilla.mindrot.org/show_bug.cgi?id=3590

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |djm at mindrot.org
         Resolution|---                         |FIXED

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
It's explained in rfc4252 section 5:
> The 'service name' specifies the service to start after
> authentication.  There may be several different authenticated
> services provided.  If the requested service is not available, the
> server MAY disconnect immediately or at any later time.  Sending a
> proper disconnect message is RECOMMENDED.  In any case, if the
> service does not exist, authentication MUST NOT be accepted.
"ssh-userauth" is used in an earlier SSH2_MSG_SERVICE_REQUEST to
request the authentication service, but the authentication is being
performed to request access to the "ssh-connection" service.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.