I think we are not detecting and setting endianness properly for
rijndael.c.
Can someone on a big endian machine do a "ssh -2 -oCiphers=rijndael128-cbc
littleendianmachine" and vice versa?
-d
--
| Damien Miller <djm at mindrot.org> \ ``E-mail attachments are the poor
man's
| http://www.mindrot.org / distributed filesystem'' - Dan
Geer
---------- Forwarded message ----------
Date: Mon, 26 Feb 2001 22:54:43 -0800 (PST)
From: Gregory Steuck <greg at nest.cx>
To: openssh at openssh.com
Subject: Bad packet length in 2.5.1 with rijndael
Hello,
If I go between machines with different byte order using rijndael
ciphers I get "Bad packet length" error. I was using
openssh-openbsd-current-i386 -> openssh-2.5.1p1-sparc-solaris and vice
versa.
It works fine if I use 3des-cbc, blowfish-cbc, arcfour or
cast128-cbc. (To make sure this is not the 2.8 rijndael blow up, I just
rebulit libssl from -current, didn't change a thing)
Here're the relevant parts of .ssh/config:
Host puma
HostName ::1
Port 10022
ForwardX11 yes
Host *
Protocol 2,1
Cipher blowfish
Ciphers rijndael128-cbc,aes128-cbc,blowfish-cbc,3des-cbc
ForwardX11 no
ForwardAgent no
And this is the log:
ssh -v puma
OpenSSH_2.5.1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug: Reading configuration data /home/greg/.ssh/config
debug: Applying options for puma
debug: Applying options for *
debug: Reading configuration data /etc/ssh_config
debug: ssh_connect: getuid 1001 geteuid 0 anon 0
debug: Connecting to ::1 [::1] port 10022.
debug: Allocated local port 809.
debug: Connection established.
debug: identity file /home/greg/.ssh/identity type 0
debug: identity file /home/greg/.ssh/id_rsa type 3
debug: identity file /home/greg/.ssh/id_dsa type 3
debug: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p1
debug: match: OpenSSH_2.5.1p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-2.0-OpenSSH_2.5.1
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit:
3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc
at lysator.liu.se
debug: got kexinit:
3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc
at lysator.liu.se
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160 at
openssh.com,hmac-sha1-96,hmac-md5-96
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160 at
openssh.com,hmac-sha1-96,hmac-md5-96
debug: got kexinit: none,zlib
debug: got kexinit: none,zlib
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: kex: server->client rijndael128-cbc hmac-sha1 none
debug: kex: client->server rijndael128-cbc hmac-sha1 none
debug: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug: bits set: 1012/2049
debug: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug: Got SSH2_MSG_KEXDH_REPLY.
debug: Forcing accepting of host key for loopback/localhost.
debug: bits set: 1025/2049
debug: len 55 datafellows 0
debug: ssh_dss_verify: signature correct
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: send SSH2_MSG_SERVICE_REQUEST
e3 03 f4 e0 5e 27 3c ff 53 f4 60 3e 5a 72 b5 67
Disconnecting: Bad packet length -486279968.
debug: Calling cleanup 0x15f10(0x0)
Thanks
Greg