OpenSSH-2.5.2.p1 won't connect to OpenSSH-2.5.1p2 using
version 2 protocol, quitting with the error message:

[dunlap@tesla dunlap]$ ssh -2 kraken
7a 90 3f 39 37 67 0d 9e ac 43 74 c3 83 83 f5 a2
Disconnecting: Bad packet length 2056273721.


tesla is Linux tesla.apl.washington.edu 2.2.16-3 #1 Mon Jun 19
19:11:44 EDT 2000 i686 unknown Intel RHL6.2 with OpenSSH-2.5.2.p1
compiled from sources on machine with all RHL6.2 patches. kraken is
SunOS kraken 5.6 Generic_105181-23 sun4u sparc SUNW,Ultra-5_10 with
OpenSSH-2.5.1p2. This problem does not exist when an OpenSSH-2.5.1p2
client is used from tesla. Nor does it exist when OpenSSH-2.5.2.p1
client is used to an OpenSSH-2.5.1p2 server on RHL6.2.

Here is the result of the faulty (non)connection with full debugging.
Presently I don't have root access to the server machine.

[dunlap@tesla dunlap]$ ssh -v -v -v -2 kraken
OpenSSH_2.5.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 101 geteuid 0 anon 1
debug1: Connecting to kraken [128.95.97.25] port 22.
debug1: Connection established.
debug1: identity file /home/dunlap/.ssh/identity type 0
debug1: unknown identity file /home/dunlap/.ssh/id_dsa
debug1: identity file /home/dunlap/.ssh/id_dsa type -1
debug1: unknown identity file /home/dunlap/.ssh/id_rsa1
debug1: identity file /home/dunlap/.ssh/id_rsa1 type -1
debug1: unknown identity file /home/dunlap/.ssh/id_rsa2
debug1: identity file /home/dunlap/.ssh/id_rsa2 type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p1
debug1: match: OpenSSH_2.5.1p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.5.2p1
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug1: got kexinit: ssh-dss
debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit:
debug1: got kexinit:
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1010/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'kraken' is known and matches the DSA host key.
debug1: Found key in /home/dunlap/.ssh/known_hosts2:4
debug1: bits set: 1034/2049
debug1: len 55 datafellows 0
debug1: ssh_dss_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
de 58 63 8c 67 dd 9d 26 c2 f9 23 84 80 d0 94 0b
Disconnecting: Bad packet length -564632692.
debug1: Calling cleanup 0x805e31c(0x0)

--
John Dunlap                            University of Washington
Senior Electrical Engineer             Applied Physics Laboratory
dunlap at apl.washington.edu          1013 NE 40th Street
206-543-7207, 543-1300, FAX 543-6785   Seattle, WA 98105-6698

mouring at etoh.eviladmin.org
2001-Mar-21 17:37 UTC
Disconnecting: Bad packet length 2056273721.
This is a known issue with 2.5.1p2 and below. AES encryption did not
handle little vs big ended correctly. Please use another encryption
like Blowfish or upgrade the box in question to 2.5.2.

- Ben

On Wed, 21 Mar 2001, John Dunlap wrote:

> OpenSSH-2.5.2.p1 won't connect to OpenSSH-2.5.1p2 using
> version 2 protocol, quitting with the error message:
>
> [dunlap@tesla dunlap]$ ssh -2 kraken
> 7a 90 3f 39 37 67 0d 9e ac 43 74 c3 83 83 f5 a2
> Disconnecting: Bad packet length 2056273721.
>
>
> tesla is Linux tesla.apl.washington.edu 2.2.16-3 #1 Mon Jun 19
> 19:11:44 EDT 2000 i686 unknown Intel RHL6.2 with OpenSSH-2.5.2.p1
> compiled from sources on machine with all RHL6.2 patches. kraken is
> SunOS kraken 5.6 Generic_105181-23 sun4u sparc SUNW,Ultra-5_10 with
> OpenSSH-2.5.1p2. This problem does not exist when an OpenSSH-2.5.1p2
> client is used from tesla. Nor does it exist when OpenSSH-2.5.2.p1
> client is used to an OpenSSH-2.5.1p2 server on RHL6.2.
>
> Here is the result of the faulty (non)connection with full debugging.
> Presently I don't have root access to the server machine.
>
> [dunlap@tesla dunlap]$ ssh -v -v -v -2 kraken
> OpenSSH_2.5.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
> debug1: Seeding random number generator
> debug1: Rhosts Authentication disabled, originating port will not be trusted.
> debug1: ssh_connect: getuid 101 geteuid 0 anon 1
> debug1: Connecting to kraken [128.95.97.25] port 22.
> debug1: Connection established.
> debug1: identity file /home/dunlap/.ssh/identity type 0
> debug1: unknown identity file /home/dunlap/.ssh/id_dsa
> debug1: identity file /home/dunlap/.ssh/id_dsa type -1
> debug1: unknown identity file /home/dunlap/.ssh/id_rsa1
> debug1: identity file /home/dunlap/.ssh/id_rsa1 type -1
> debug1: unknown identity file /home/dunlap/.ssh/id_rsa2
> debug1: identity file /home/dunlap/.ssh/id_rsa2 type -1
> debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p1
> debug1: match: OpenSSH_2.5.1p1 pat ^OpenSSH
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_2.5.2p1
> debug1: send KEXINIT
> debug1: done
> debug1: wait KEXINIT
> debug1: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
> debug1: got kexinit: ssh-dss
> debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
> debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se
> debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug1: got kexinit: none,zlib
> debug1: got kexinit: none,zlib
> debug1: got kexinit:
> debug1: got kexinit:
> debug1: first kex follow: 0
> debug1: reserved: 0
> debug1: done
> debug2: mac_init: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_init: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
> debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
> debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
> debug1: dh_gen_key: priv key bits set: 123/256
> debug1: bits set: 1010/2049
> debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
> debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
> debug1: Got SSH2_MSG_KEXDH_REPLY.
> debug1: Host 'kraken' is known and matches the DSA host key.
> debug1: Found key in /home/dunlap/.ssh/known_hosts2:4
> debug1: bits set: 1034/2049
> debug1: len 55 datafellows 0
> debug1: ssh_dss_verify: signature correct
> debug1: Wait SSH2_MSG_NEWKEYS.
> debug1: GOT SSH2_MSG_NEWKEYS.
> debug1: send SSH2_MSG_NEWKEYS.
> debug1: done: send SSH2_MSG_NEWKEYS.
> debug1: done: KEX2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> de 58 63 8c 67 dd 9d 26 c2 f9 23 84 80 d0 94 0b
> Disconnecting: Bad packet length -564632692.
> debug1: Calling cleanup 0x805e31c(0x0)
>
>
> --
> John Dunlap                            University of Washington
> Senior Electrical Engineer             Applied Physics Laboratory
> dunlap at apl.washington.edu          1013 NE 40th Street
> 206-543-7207, 543-1300, FAX 543-6785   Seattle, WA 98105-6698
>
>
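
Added example, not part of either post and not OpenSSH code: a small log check that pairs each 16-byte hex dump in the client output with the "Bad packet length" line after it and decodes the first four bytes as the big-endian packet_length field of an SSH-2 binary packet. When the field equals the reported number and is far outside any sane size, the first cipher block decrypted to garbage, which is consistent with the cipher mismatch described in the reply. The function name, the sample text and the 256 KiB upper bound are assumptions of this example.

```python
import re
import struct

# Constructed sample: the two failure excerpts from the client output above.
SAMPLE_LOG = """\
7a 90 3f 39 37 67 0d 9e ac 43 74 c3 83 83 f5 a2
Disconnecting: Bad packet length 2056273721.
debug1: send SSH2_MSG_SERVICE_REQUEST
de 58 63 8c 67 dd 9d 26 c2 f9 23 84 80 d0 94 0b
Disconnecting: Bad packet length -564632692.
"""

# Assumption: bounds modelled on a receiver-side sanity check
# (at least the padding_length byte plus 4, at most 256 KiB).
MIN_PACKET_LEN = 1 + 4
MAX_PACKET_LEN = 256 * 1024

HEX_LINE = re.compile(r"^\s*((?:[0-9a-f]{2}\s+){3,}[0-9a-f]{2})\s*$", re.I)
BAD_LEN = re.compile(r"Bad packet length (-?\d+)\.")


def diagnose(log_text):
    """Pair each hex dump with the 'Bad packet length' line that follows it."""
    findings, block = [], None
    for line in log_text.splitlines():
        m = HEX_LINE.match(line)
        if m:
            block = bytes.fromhex("".join(m.group(1).split()))
            continue
        m = BAD_LEN.search(line)
        if m and block is not None:
            reported = int(m.group(1))
            # SSH-2 binary packet: uint32 packet_length (big-endian) comes first.
            (unsigned_len,) = struct.unpack(">I", block[:4])
            (signed_len,) = struct.unpack(">i", block[:4])
            findings.append({
                "block_size": len(block),
                "length_field": unsigned_len,
                "matches_report": reported in (unsigned_len, signed_len),
                "plausible": MIN_PACKET_LEN <= unsigned_len <= MAX_PACKET_LEN,
            })
            block = None
    return findings


if __name__ == "__main__":
    for finding in diagnose(SAMPLE_LOG):
        print(finding)
```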