Hello, thanks for bringing this issue to our attention!
It is apparently caused by a bug in OpenSSH that was introduced in the commit you found:
if (rchan > INT_MAX) {
error("%s: invalid remote channel ID", __func__);
The 'rchan' variable represents SSH_MSG_CHANNEL_OPEN
message's 'sender channel' field, which is supposed to be uint32, a 32-bit unsigned integer (see RFC 4254). This means that OpenSSH's check with INT_MAX (the upper bound for signed 32-bit integer) is wrong.
Rebex generates 'sender channel' numbers randomly (except the first allocated channel, which always uses 0) within the uint32 range, which means that when communicating with OpenSSH 8 using SCP (which, unlike SFTP, involves a new channel for each transfer), there is a 50 % chance that a correct 'sender channel' number would be rejected by the server.
Fortunately, adding a workaround for this server-side bug is simple for us - we can just limit our 'sender channel' numbers to int32 as well. Then, the bug will not manifest itself. We'll prepare a hotfix and send you a link shortly.