Disconnecting: Corrupted check bytes on input.

Gert Doering gert at greenie.muc.de
Tue Mar 12 22:21:48 EST 2002


Hi,

just "cvs update"'d to get the latest portable version, to start
rebuilding our AIX systems to get zlib-1.1.4 and the channel-bug fix.

SSH protocol 2 seems to work nicely, ssh protocol 1 doesn't work properly.

Environment: AIX 4.3.3, openssl 0.9.6c, openssh as of today (Mar 12, 11:20
GMT).

Client/blowfish, to openssh 3.0p1 or to 2.5.1p1:

debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
Disconnecting: Corrupted check bytes on input.
debug1: Calling cleanup 0x20009598(0x0)

Client/3des:

debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
debug1: Remote: Accepted for hilb0.medat.de [172.30.1.8] by /etc/hosts.equiv.
debug1: Received RSA challenge for host key from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: Rhosts with RSA host authentication accepted.
debug1: Rhosts or /etc/hosts.equiv with RSA host authentication accepted by server.
(works)

Server: same game - incoming connection with "-1 -c blowfish":

debug1: Client protocol version 1.5; client software version 1.2.20
debug1: match: 1.2.20 pat 1.2.18*,1.2.19*,1.2.20*,1.2.21*,1.2.22*
debug1: Local version string SSH-1.99-OpenSSH_3.1p1-GD/PM
debug1: Sent 768 bit server key and 1024 bit host key.
debug1: Encryption type: blowfish
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
Disconnecting: Corrupted check bytes on input.
debug1: Calling cleanup 0x20008e58(0x0)

-2 or -c 3des work.


I have seen this error message a few times on this list, so I assume
Markus knows what is causing this.

Am I correct in assuming that the fix just hasn't propagated to 
-portable yet, and all I can do is to be patient?

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert.doering at physik.tu-muenchen.de



More information about the openssh-unix-dev mailing list