Displaying 20 results from an estimated 176 matches for "dh_gen_key".
2014 Jul 30
0
checking for "dh_gen_key: group too small" errors
...with hmac-sha2-512 and diffie-hellman-group1-sha1 results in
OpenSSH killing the connection after the SSH_MSG_KEXINIT packet is sent.
The OpenSSH error logs state the following:
debug2: mac_setup: found hmac-sha2-512 [preauth]
debug1: kex: server->client arcfour256 hmac-sha2-512 none [preauth]
dh_gen_key: group too small: 1024 (2*need 1024) [preauth]
debug1: do_cleanup [preauth]
This behavior, I believe, is in error as the shared secret produced by the
diffie-hellman key exchange is essentially extended to the appropriate
length by successive hashes that are concatenated together per
RFC4253#secti...
2001 Nov 04
4
Slow connection performance with ssh2
...2_MSG_KEXINIT sent
SSH2_MSG_KEXINIT received SSH2_MSG_KEXINIT received
SSH2_MSG_KEX_DH_GEX_REQUEST sent SSH2_MSG_KEX_DH_GEX_REQUEST received
expecting SSH2_MSG_KEX_DH_GEX_GROUP SSH2_MSG_KEX_DH_GEX_GROUP sent
********* 3.330 seconds ********* 3.39 seconds
dh_gen_key: priv key bits set: 134/256 dh_gen_key: priv_key bits set: 126/256
bits set: 1573/3191 bits_set: 1582/3191
SSH2_MSG_KEX_DH_GEX_INIT sent expecting SSH2_MSG_KEX_DH_GEX_INIT
expecting SSH2_MSG_KEX_DH_GEX_REPLY bits set: 1573/3191...
2001 Feb 12
1
OpenSSH (CVS) performance observations
...t OpenSSH from the CVS archive.
I could realize some connections succesfully, but I experienced performance
problem during the connection phase.
It seems, that the client needs quite some computer time just after
debug: Got SSH2_MSG_KEX_DH_GEX_GROUP.
By inserting test-printouts, I verifyed that the dh_gen_key(dh); call
seems to take that long. On a HP C180 it takes around 8 seconds.
OpenSSH is built without optimization but as far as I could see, the
time is spent in the OpenSSL library (built with maximum optimization).
There are other places in which 3-4 seconds are spent each.
Can somebody verify th...
2013 May 31
0
DH group selection for SHA2-512 bit HMAC.
...T DH group request with parameters
(1024, 1024, 8192).
I.e. minimum and preferred group size is 1024-bit,
- OpenSSH server in kexgexs.c:kexgex_server processes this message and
selects 1024-bit group, sending it back to client.
- however, later, when it goes to shared secret generation, in
dh.c:dh_gen_key code checks group size to be
2 * need >= BN_num_bits(dh->p), where need is set to 512 bit (by the
size of HMAC, i assume ), producing the error fatal("dh_gen_key: group
too small: %d (2*need %d)".
So, I think it would be more logical to check 'need' parameter somewhere
d...
2002 May 18
1
OpenSSH 3.2.2p1 sshd: fatal: xfree: NULL pointer given as argument
...2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 zlib
debug2: mac_init: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 zlib
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 194/384
debug1: bits set: 1047/2049
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1031/2049
xfree: NULL pointer given as argument
debug1: Calling cleanup 0x806b00c(0x0)
=============================================================================
Server config f...
2002 Jul 27
1
openssh problem
...; debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
> debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
> debug1: dh_gen_key: priv key bits set: 134/256
> debug1: bits set: 1602/3191
> debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
> debug1: bits set: 1528/3191
> debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting...
2001 May 24
0
occasional ssh hang
...n string SSH-2.0-OpenSSH_2.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-cbc hmac-md5 none
debug1: kex: client->server aes256-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 262/512
debug1: bits set: 1006/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '147.101.224.39' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts2:2
debug1: bits set: 1063/2049
debug1: s...
2002 Apr 24
1
Fwd: need help in ssh client: key exchange
...: got kexinit:
debug1: got kexinit:
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: client->server 3des-cbc hmac-sha1 none
debug1: kex: server->client 3des-cbc hmac-sha1 none
debug1: Wait SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Sending SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 197/384
debug1: bits set: 1016/2049
debug1: Wait SSH2_MSG_KEX_DH_GEX_INIT.
debug1: bits set: 1039/2049
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: Wait SSH2_MSG_NEWKEYS.
Connection closed by a.b.c.d
debug1: Calling cleanup 0x8065fa0(0x0)...
2002 Dec 20
3
Bad packet length problem with "aes128-cbc" and openssh3.1p1
Hi,
I am trying to run openssh 3.1p1. But it is giving "Bad packet length" error
when I run sshd with default config file. On further investigation I found
that the error is coming only for the cipher algorithm "aes128-cbc". Also
the error comes only when I don't specify any protocol file
(/usr/local/etc/ssh_host_[rd]sa_key) or specify only "protocol 2" files.
I
2001 Dec 19
0
public key authentication failure
...n string SSH-2.0-OpenSSH_3.0.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 127/256
debug1: bits set: 521/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'server.example.org' is known and matches the RSA host key.
debug1: Found key in /home/art/.ssh/known_hosts:3
debug1: bits set: 538/1024
debu...
2002 Jul 01
3
3.4p1: 'buffer_append_space: alloc 10506240 not supported'
...g1: list_hostkey_types: ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 zlib
debug1: kex: server->client aes128-cbc hmac-md5 zlib
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 121/256
debug1: bits set: 1614/3191
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1588/3191
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: Enabling compression at level 6.
debug1: SSH2_MSG_NEWKEYS sent
debug1: waitin...
2002 Jul 04
4
With bounds checking patch for gcc-3.1 problems if using AES
...2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client 3des-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server 3des-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 190/384
debug1: bits set: 2006/4095
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/test/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 5
debug1: Host 'localhost' is known and m...
2001 Mar 21
1
Disconnecting: Bad packet length 2056273721.
...c_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1010/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'kraken' is known and matches the DSA host key.
debug1: Found key in /home/dunlap/.ssh/known_hosts2:4
debu...
2002 Jan 04
2
Strange problem from "identical" hosts
....0.2p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 114/256
> debug1: bits set: 1558/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'target' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
> debug1: bits set: 1575...
2001 May 04
0
Exit status strangeness
...n string SSH-2.0-OpenSSH_2.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 134/256
debug1: bits set: 1008/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'qacrmdb' is known and matches the DSA host key.
debug1: Found key in /home/ipopovet/.ssh/known_hosts2:85
debug1: bits set: 1036/2049
debug1...
2002 Nov 06
2
scp output redirection doesn't work...
...debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 125/256
> debug1: bits set: 1613/3191
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host '<remote_machine>' is known and matches the RSA host key.
> debug1: Found key in /home/linaar/.ssh/known_hosts:...
2001 May 08
1
sftp problem
...first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1030/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'etwebuatbu' is known and matches the DSA host key.
debug1: Found key in /export/home/jpaint/.ssh/known_ho...
2001 Apr 04
0
Heh?
...1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1013/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'undoable.xtdnet.nl' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts2:1...
2001 Mar 23
1
SSH Conections being dropped.
...first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 133/256
debug1: bits set: 998/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'dtadmin' is known and matches the DSA host key.
debug1: Found key in /home/user42/swares/.ssh/known_hosts2...
2001 Oct 17
0
OpenSSH 2.9.9p2 on Solaris 8 buffer_get problem
...x_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 125/256
debug1: bits set: 512/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'firewall' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:3
debug1: bits set: 528/1024
debug1: ssh_rsa_verify:...