Ack...OpenSSH no longer compatible with SSH 1.2.26 clients?

Marc G. Fournier marc.fournier at acadiau.ca
Mon Jan 3 08:47:21 EST 2000



sshd -d:
debug: sshd version OpenSSH-1.2.1
Server listening on port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 131.162.138.223 port 745
debug: Client protocol version 1.5; client software version 1.2.26
debug: Sent 768 bit public key and 1024 bit host key.
debug: Encryption type: 3des
debug: Received session key; encryption turned on.
debug: Installing crc compensation attack detector.
Disconnecting: Corrupted check bytes on input.
debug: Calling cleanup 0x806028c(0x0)


ssh -v:
SSH Version 1.2.26 [i386--freebsd3.2], protocol version 1.5.
Compiled with RSAREF.
atelier.acadiau.ca: Reading configuration data /usr/local/etc/ssh_config
atelier.acadiau.ca: ssh_connect: getuid 1000 geteuid 0 anon 0
atelier.acadiau.ca: Connecting to dragon [131.162.200.56] port 22.
atelier.acadiau.ca: Allocated local port 745.
atelier.acadiau.ca: Connection established.
atelier.acadiau.ca: Remote protocol version 1.5, remote software version
OpenSSH-1.2.1
atelier.acadiau.ca: Waiting for server public key.
atelier.acadiau.ca: Received server public key (768 bits) and host key
(1024 bits).
Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)? yes
Host 'dragon' added to the list of known hosts.
atelier.acadiau.ca: Initializing random; seed file
/home/marc/.ssh/random_seed
atelier.acadiau.ca: IDEA not supported, using 3des instead.
atelier.acadiau.ca: Encryption type: 3des
atelier.acadiau.ca: Sent encrypted session key.
atelier.acadiau.ca: Installing crc compensation attack detector.
Local: Corrupted check bytes on input.

>From the code, the error is being generated in packet.c:

        ucp = (unsigned char *) buffer_ptr(&incoming_packet) + len - 4;
        stored_checksum = GET_32BIT(ucp);
        if (checksum != stored_checksum)
                packet_disconnect("Corrupted check bytes on input.");
        buffer_consume_end(&incoming_packet, 4);

Quick suggestion, but adding the pre24 to the version string would
help...but, one of my other servers, I'm sure, is running pre23
successfully ...

Is there maybe some file, like the random_seed file, that got corrupted
and needs to be removed/regenerated?  I've tried redoing teh server_key
file several times, but that hasn't helped...




On Sun, 2 Jan 2000, Damien Miller wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Fri, 31 Dec 1999, Marc G. Fournier wrote:
> 
> > Yup, just checked a few other hosts connecting in...I can connect
> > from any host that has OpenSSH installed to the server in question,
> > but not from a host that has the older 1.2.26 clients installed :(
> 
> I can't replicate this behaviour.
> 
> Can you turn on maximum debugging for both the server and the 
> client and tell me what it says during a failed connect attempt?
> 
> Thanks,
> Damien
> 
> - --
> | "Bombay is 250ms from New York in the new world order" - Alan Cox
> | Damien Miller - http://www.mindrot.org/
> | Email: djm at mindrot.org (home) -or- djm at ibs.com.au (work)
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.0 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iD8DBQE4b0MjormJ9RG1dI8RAsP3AKC0fJqXh/i41jOTGPahtwaoQu+fGgCZASH6
> e6sv0W6928+K+AnskB6t1js=
> =u5Eo
> -----END PGP SIGNATURE-----
> 
> 
> 

Marc G. Fournier                                 marc.fournier at acadiau.ca
Senior Systems Administrator                            Acadia University

  "These are my opinions, which are not necessarily shared by my employer"






More information about the openssh-unix-dev mailing list