[Bug 138] Incorrect OpenSSL version requirment?

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Apr 11 08:13:23 EST 2002


http://bugzilla.mindrot.org/show_bug.cgi?id=138





------- Additional Comments From eds at reric.net  2002-04-11 08:13 -------
As far as I can tell, blowfish is indeed broken in ssh1.

[eds at ike eds]$ ssh -v -1 postal
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
... snip some output ...
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'postal' is known and matches the RSA1 host key.
debug1: Found key in /home/eds/.ssh/known_hosts:25
debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
Disconnecting: Corrupted check bytes on input.
debug1: Calling cleanup 0x8062778(0x0)




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-unix-dev mailing list