diff --git a/mitmproxy/proxy/layers/modes.py b/mitmproxy/proxy/layers/modes.py
index 426c2e8c0..40ebfda12 100644
--- a/mitmproxy/proxy/layers/modes.py
+++ b/mitmproxy/proxy/layers/modes.py
@@ -192,10 +192,12 @@ class Socks5Proxy(DestinationKnown):
         data = Socks5AuthData(self.context.client, user, password)
         yield Socks5AuthHook(data)
         if not data.valid:
-            yield from self.socks_err("authentication failed", 0x01)
+            # The VER field contains the current **version of the subnegotiation**, which is X'01'.
+            yield commands.SendData(self.context.client, b"\x01\x01")
+            yield from self.socks_err("authentication failed")
             return
 
-        yield commands.SendData(self.context.client, b"\x05\x00")
+        yield commands.SendData(self.context.client, b"\x01\x00")
         self.buf = self.buf[3 + user_len + pass_len:]
         self.state = self.state_connect
         yield from self.state()
diff --git a/test/mitmproxy/proxy/layers/test_modes.py b/test/mitmproxy/proxy/layers/test_modes.py
index cea12f29a..b04a1cf62 100644
--- a/test/mitmproxy/proxy/layers/test_modes.py
+++ b/test/mitmproxy/proxy/layers/test_modes.py
@@ -329,11 +329,11 @@ def test_socks5_trickle(tctx: Context):
     for x in b"\x05\x01\x02":
         playbook >> DataReceived(tctx.client, bytes([x]))
     playbook << SendData(tctx.client, b"\x05\x02")
-    for x in b"\x05\x04user\x08password":
+    for x in b"\x01\x04user\x08password":
         playbook >> DataReceived(tctx.client, bytes([x]))
     playbook << modes.Socks5AuthHook(Placeholder())
     playbook >> reply(side_effect=_valid_socks_auth)
-    playbook << SendData(tctx.client, b"\x05\x00")
+    playbook << SendData(tctx.client, b"\x01\x00")
     for x in b"\x05\x01\x00\x01\x7f\x00\x00\x01\x12\x34":
         playbook >> DataReceived(tctx.client, bytes([x]))
     assert playbook << SendData(tctx.client, b"\x05\x00\x00\x01\x00\x00\x00\x00\x00\x00")
@@ -368,14 +368,14 @@ def test_socks5_err(data: bytes, err: bytes, msg: str, tctx: Context):
 @pytest.mark.parametrize("client_greeting,server_choice,client_auth,server_resp,address,packed", [
     (b"\x05\x01\x02",
      b"\x05\x02",
-     b"\x05\x04user\x08password",
-     b"\x05\x00",
+     b"\x01\x04user\x08password",
+     b"\x01\x00",
      "127.0.0.1",
      b"\x01\x7f\x00\x00\x01"),
     (b"\x05\x02\x01\x02",
      b"\x05\x02",
-     b"\x05\x04user\x08password",
-     b"\x05\x00",
+     b"\x01\x04user\x08password",
+     b"\x01\x00",
      "127.0.0.1",
      b"\x01\x7f\x00\x00\x01"),
 ])
@@ -412,8 +412,8 @@ def test_socks5_auth_success(client_greeting: bytes, server_choice: bytes, clien
      "Client does not support SOCKS5 with user/password authentication."),
     (b"\x05\x02\x00\x02",
      b"\x05\x02",
-     b"\x05\x04" + b"user" + b"\x07" + b"errcode",
-     b"\x05\x01\x00\x01\x00\x00\x00\x00\x00\x00",
+     b"\x01\x04" + b"user" + b"\x07" + b"errcode",
+     b"\x01\x01",
      "authentication failed"),
 ])
 def test_socks5_auth_fail(client_greeting: bytes, server_choice: bytes, client_auth: bytes, err: bytes, msg: str,