openssh 2.2.0p1 fails with openssl 0.9.6-beta1
Markus Friedl
Markus.Friedl at informatik.uni-erlangen.de
Sat Sep 16 00:39:23 EST 2000
On Thu, Sep 14, 2000 at 07:34:31PM +0200, Richard Levitte - VMS Whacker wrote:
> From: Lutz Jaenicke <Lutz.Jaenicke at aet.TU-Cottbus.DE>
>
> Lutz.Jaenicke> I did some more experiments and also saw the problems.
> Lutz.Jaenicke>
> Lutz.Jaenicke> They occur when using a 0.9.6-beta client to connect to
> Lutz.Jaenicke> 0.9.5a and 0.9.6-beta servers.
> Lutz.Jaenicke> They also occur when using a 0.9.5a client connecting
> Lutz.Jaenicke> to a 0.9.6-beta server.
>
> Hmm, that's no good. I'll see if I can generate something similar
> using just s_client and s_server or something like that...
i tried to trace this and it seems that DSA is not the problem.
the shared DH secret differs for both machines. this secret is
included in the data that the server has to sign. this is why ssh
prints: dsa_verify failed.
More information about the openssh-unix-dev
mailing list