On 21/03/14 17:15, Pieter Bowman wrote: > Any ideas on where to look? Have you tried mixing the client sshs too? I would also try to log the contents passed to ssh-keysign (it will be binary data, but if for instance with the wrong version got a few bytes less, I would suspect the signature is being truncated by sshd)