OpenSSH 2.3.0p1 protocol 2 problem with AIX

Pekka Savola pekkas at netcore.fi
Mon Feb 19 04:24:45 EST 2001 

Hi,

Connecting from RHL7 with OpenSSH 2.3.0p1 or 2.5.0p1 to OpenSSH 2.3.0p1 on
AIX 4.3.1.  Protocol 2 doesn't work if you specify 'Ciphers
rijndael128-cbc' or Ciphers 'aes128-cbc'.

sshd -d -d -d on the server shows _nothing_ about these connections.

I'm not sure if rijndael has been left out from sshd somehow, but
shouldn't the error message be a little more specific?

Short version:

$ ssh ibmsp
 e6 13 54 23 89 c2 61 07 df 51 1d 1b 17 d3 3e 8f
Disconnecting: Bad packet length -434940893.

Longer version:

$ ssh -v -v -v  ibmsp
SSH Version OpenSSH_2.5.0p1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /home/psavola/.ssh/config
debug: Reading configuration data /etc/ssh/ssh_config
debug: cipher ok: rijndael128-cbc
[rijndael128-cbc,aes128-cbc,arcfour,blowfish-cbc]
debug: cipher ok: aes128-cbc
[rijndael128-cbc,aes128-cbc,arcfour,blowfish-cbc]
debug: cipher ok: arcfour
[rijndael128-cbc,aes128-cbc,arcfour,blowfish-cbc]
debug: cipher ok: blowfish-cbc
[rijndael128-cbc,aes128-cbc,arcfour,blowfish-cbc]
debug: ciphers ok: [rijndael128-cbc,aes128-cbc,arcfour,blowfish-cbc]
debug: ssh_connect: getuid 154 geteuid 0 anon 0
debug: Connecting to ibmsp [193.166.7.65] port 22.
debug: Allocated local port 1020.
debug: Connection established.
debug: identity file /home/psavola/.ssh/identity type 0
debug: Bad RSA1 key file /home/psavola/.ssh/id_dsa.
debug: identity file /home/psavola/.ssh/id_dsa type 3
debug: Remote protocol version 1.99, remote software version
OpenSSH_2.3.0p1
debug: match: OpenSSH_2.3.0p1 pat ^OpenSSH_2\.3\.0
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-2.0-OpenSSH_2.5.0p1
debug: Seeding random number generator
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit:
3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug: got kexinit:
3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160 at openssh.com
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160 at openssh.com
debug: got kexinit: none,zlib
debug: got kexinit: none,zlib
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: mac_init: found hmac-sha1
debug: kex: server->client rijndael128-cbc hmac-sha1 none
debug: mac_init: found hmac-sha1
debug: kex: client->server rijndael128-cbc hmac-sha1 none
debug: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug: bits set: 501/1024
debug: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug: Got SSH2_MSG_KEXDH_REPLY.
debug: Host 'ibmsp' is known and matches the DSA host key.
debug: Found key in /home/psavola/.ssh/known_hosts2:132
debug: bits set: 488/1024
debug: len 55 datafellows 128
debug: ssh_dss_verify: signature correct
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: send SSH2_MSG_SERVICE_REQUEST
 ac 29 cf 66 5a cf ac f6 58 62 9a c7 25 dc 5c bf
Disconnecting: Bad packet length -1406546074.
debug: Calling cleanup 0x8060690(0x0)



-- 
Pekka Savola                  "Tell me of difficulties surmounted,
Netcore Oy                    not those you stumble over and fall"
Systems. Networks. Security.   -- Robert Jordan: A Crown of Swords

More information about the openssh-unix-dev mailing list