[Bug 3814] incorrect signature when ssh'ing to an AIX server (Big Endian) from amd64 (Little endian)
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Apr 18 13:17:48 AEST 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3814
Darren Tucker <dtucker at dtucker.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at dtucker.net
Version|10.0p1 |9.9p1
--- Comment #1 from Darren Tucker <dtucker at dtucker.net> ---
This is a known bug in 9.9p1 in the mlkem768x25519-sha256 key exchange
algorithm on bigendian platforms. You didn't see it until you upgraded
to 10.0 since that version selects mlkem768x25519-sha256 by default if
the server supports it.
Your options are:
- update the AIX server to 9.9p2 or newer.
- Apply
https://github.com/openssh/openssh-portable/commit/11f348196b3fb51c3d8d1f4f36db9d73f03149ed
and recompile (depending on compilers and headers, you may also need
some of the following patches to make it compile)
- remove mlkem768x25519-sha256 from KexAlgorithms on the client,
server or both ("KexAlgorithms -mlkem768x25519-sha256" in sshd_config
and/or sshd_config.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list