openssh 2.2.0p1 fails with openssl 0.9.6-beta1

Richard Levitte - VMS Whacker levitte at stacken.kth.se
Sat Sep 16 00:54:40 EST 2000


From: Markus Friedl <Markus.Friedl at informatik.uni-erlangen.de>

Markus.Friedl> i tried to trace this and it seems that DSA is not the problem.
Markus.Friedl> 
Markus.Friedl> the shared DH secret differs for both machines.  this
Markus.Friedl> secret is included in the data that the server has to
Markus.Friedl> sign.  this is why ssh prints: dsa_verify failed.

I'm not sure if that means that OpenSSL still has a bug or not...

-- 
Richard Levitte   \ Spannvägen 38, II \ LeViMS at stacken.kth.se
Chairman at Stacken   \ S-168 35  BROMMA  \ T: +46-8-26 52 47
Redakteur at Stacken   \      SWEDEN       \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis                -- poei at bofh.se
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.





More information about the openssh-unix-dev mailing list