"Bad packet length 1231976033"

Brian Candler b.candler at pobox.com
Sun Apr 9 17:21:17 AEST 2023

On 09/04/2023 02:20, Philip Prindeville wrote:
> What's odd is that the length is *always* 1231976033 (which is 0x496E7661 or "Inva" in ASCII).

Could you get a tcpdump when this happens? Then maybe more of the error 
can be captured.

I grepped for Inva in the source code. There are lots of error messages 
which start with this which are sent with error() or fatal() or 
fprint(stderr, ...), but two which stand out as being a bit different:

# kex.c

                 send_error(ssh, "Invalid SSH identification string.");

# packet.c

         if (*typep < SSH2_MSG_MIN || *typep >= SSH2_MSG_LOCAL_MIN) {
                 if ((r = sshpkt_disconnect(ssh,
                     "Invalid ssh2 packet type: %d", *typep)) != 0 ||

If it happens to be either of these, then the tcpdump showing the 
exchange prior to this point would be enlightening.
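
Added example, not part of the original post and not OpenSSH code: a small log triage helper that decodes each reported "Bad packet length" value as the four big-endian bytes of the SSH packet length field and checks them against the two message strings quoted above. The sample log lines, the function names and the printable-ASCII heuristic are assumptions made for illustration.

```python
import re
import struct

# Message strings quoted in the post above; both begin with "Inva".
CANDIDATES = [
    "Invalid SSH identification string.",
    "Invalid ssh2 packet type: %d",
]

LENGTH_RE = re.compile(r"Bad packet length (\d+)")


def decode_length(value):
    """Return the 4 big-endian bytes of a packet length as text,
    or None if any byte falls outside printable ASCII."""
    raw = struct.pack(">I", value)
    if all(0x20 <= b <= 0x7E for b in raw):
        return raw.decode("ascii")
    return None


def triage(lines, candidates=CANDIDATES):
    """Return (length, text, matching_candidates) for every log line
    that reports a bad packet length."""
    results = []
    for line in lines:
        m = LENGTH_RE.search(line)
        if not m:
            continue
        value = int(m.group(1))
        if value > 0xFFFFFFFF:  # cannot be a uint32 length field
            continue
        text = decode_length(value)
        matches = [c for c in candidates if text and c.startswith(text)]
        results.append((value, text, matches))
    return results


# Constructed sample log lines (PIDs and address are made up).
SAMPLE_LOG = [
    "sshd[1234]: Bad packet length 1231976033. [preauth]",
    "sshd[1235]: Bad packet length 2165440512. [preauth]",
    "sshd[1236]: Connection closed by 192.0.2.10 port 50000",
]

if __name__ == "__main__":
    for value, text, matches in triage(SAMPLE_LOG):
        print(f"{value} = 0x{value:08X} -> {text!r} candidates={matches}")
```

Both candidate strings match the same four bytes, so the logged length alone cannot tell them apart; that is why the packet capture is needed.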

