Problem/bug report for "bad decrypted len" error in OpenSSH

Stefan Hadjistoytchev sth at
Fri Jun 13 16:04:01 EST 2003

I think lines between 250-252 in  file ssh-rsa.c in OpenSSH source code
should be commented ! ! !

Using "SecureNetTerm Client" ( ) with
"SecureKeyAgent" ver. ( Or same is with Putty + SecureKeyAgent ) to
connect to OpenSSH server "OpenSSH ver. 3.6.1" using public key from Smart
Card certificate causes the following errors in "/var/log/auth/errors":
    sshd[1224] error: bad decrypted len: 36 != 20 + 15
    sshd[1227] error: bad decrypted len: 36 != 20 + 15

I sent a letter about this to SecureNetTerm and here is the answer:

> OpenSSH 3.6.1 is a little braindead when it comes to proper operation of
> All you have to do is edit the OpenSSL file ssh-rsa.c and comment out
lines 250-252.
> This is a redundant length check that is not technically correct.  The
OpenSSH team is
> aware of the problem but don't care since they have no idea how to use

Would You please comment on this or FIX this issue ?

Best regards
    Stefan Hadjistoytchev

More information about the openssh-unix-dev mailing list