ssh 'connection reset by peer' problem since 5.8p1

Oren Held oren at held.org.il
Fri Mar 4 03:18:42 EST 2011


On Thu, Mar 03, 2011 at 02:31:58PM +0000, Colin Watson wrote:
> On Wed, Feb 23, 2011 at 04:40:00PM +0000, Oren Held wrote:
> >I've researched it a bit deeper. Surprisingly it's not a matter of which cipher to
> >choose, but of *how long the list of ciphers is*. I'll explain:
> >Doesn't work:
> >-c 'aes128-ctr' and 94 commas (i.e. -c 'aes128-ctr,,,,,,,,,,,,,,,,,,' etc),
> >Does work:
> >-c 'aes128-ctr' and 95 commas
> >
> >Now the number above varies. On my home computer it was 105 commas vs. 104
> >commas. So eventually I bet it has to do with SSH packet size.  For instance in
> >my place, according to Wireshark, SSH "Client: Key Exchange Init" packet length
> >is 1044+10(padding) in the bad case, 1036+4 in the good case. 
> 
> What are the MTU values on the relevant network interfaces on the client
> and the server?

MTU is 1500 on both client and server, in my case.


More information about the openssh-unix-dev mailing list