search for: ssh_bug_sigblob

....1.0pl2 server O/S version: SunOS 5.7 Generic_106541-11 sun4u sparc Log/Details: : % telnet <mymachine> 22 : Trying xx.xx.xx.xx... : Connected to sd099001. : Escape character is '^]'. : SSH-2.0-2.1.0.pl2 SSH Secure Shell (non-commercial) : % ssh <mymachine> : .. : autodetect SSH_BUG_SIGBLOB : .. : len 20 datafellows -2 : : Received packet with bad string length ...... : ...DIES.... Actual problem: compat_datafellows() in compat.c does not recognize 2.1.0.pl2 version of SSH as 2.1.0, so it sets the variable "datafellows" to the wrong value. This causes death. one Work...

...debug: kex: client->server 3des-cbc hmac-md5 none debug: Sending SSH2_MSG_KEXDH_INIT. debug: bits set: 518/1024 debug: Wait SSH2_MSG_KEXDH_REPLY. debug: Got SSH2_MSG_KEXDH_REPLY. debug: Host 'xxxxxx.xxx.xxx.xxx' is known and matches the DSA host key. debug: bits set: 503/1024 autodetect SSH_BUG_SIGBLOB debug: len 40 datafellows -2 Received packet with bad string length 419867393 debug: Calling cleanup 0x805f3c0(0x0) ...and there it dies. Any help or comments is greatly appreciated. Please let me know if there are any questions about my system configuration or the server's. -Jeff

Hi, I have a problem with a Linux box which I updated from 2.5.2p2 to 2.9p2 recently. It's running a tunnel started via inittab using a script which starts ssh -2 -N -o 'ConnectionAttempts 3600' -L <tunnel> $host This has run reliable with 2.5.2 over the last months. Now, after I have upgraded to 2.9p2, the tunnel is closed right after each attempt of an application to use

...A Crown of Swords -------------- next part -------------- --- compat.c.orig Sun Nov 5 07:42:36 2000 +++ compat.c Sat Dec 2 17:58:56 2000 @@ -64,12 +64,12 @@ } check[] = { { "^OpenSSH[-_]2\\.[012]", SSH_OLD_SESSIONID }, { "MindTerm", 0 }, - { "^2\\.1\\.0 ", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| + { "^2\\.1\\.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID }, { "^2\\.0\\.", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| SSH_OLD_SESSIONID| SSH_BUG_PUBKEYAUTH|SSH_BUG_X11FWD }, - { "^2\\.[23]\\.0 ", SSH_BUG_HMAC}, + { "^2\\.[23]\\....

...(r = sshbuf_get_string(e->request, &data, &dlen)) != 0 || (r = sshbuf_get_u32(e->request, &flags)) != 0) fatal("%s: buffer error: %s", __func__, ssh_err(r)); if (flags & SSH_AGENT_OLD_SIGNATURE) compat = SSH_BUG_SIGBLOB; if ((r = sshkey_from_blob(blob, blen, &key)) != 0) { error("%s: cannot parse key blob: %s", __func__, ssh_err(r)); goto send; } However, in 7.6p1, this changed to: if ((r = sshkey_froms(e->request, &key)) != 0 ||...

I'm not on the mailing list, so I'd appreciate it if you could cc: me, though I will keep an eye on the archives. I am running openssh 2.2.0p1 on Debian GNU/Linux. I was pleased to see that 2.2.0p1 had support for DSA keys in the agent, and I have successfully used the v2 protocol to another openssh server with the agent providing authentication. I am also able to successfully connect

Yo All! I have been playing with SSH 2.2.0 from www.ssh.com. I can not connect to openssh 2.2.1p1 using Ver 2 protocol from ssh Ver 2.2.0. Ver 1 works fine. See below for the debug output from both ends If I force hmac-md5 (-m hmac-md5) from the sender it works! The other 3 choices fail: hmac-sha1; hmac-md5-96; and none. I have no problem connecting to this openssh host (hobbes) from

...fellows = datafellows; datafellows = 0; blob = buffer_get_string(&e->request, &blen); data = buffer_get_string(&e->request, &dlen); flags = buffer_get_int(&e->request); - odatafellows = datafellows; if (flags & SSH_AGENT_OLD_SIGNATURE) datafellows = SSH_BUG_SIGBLOB;

...s: buffer error: %s", __func__, ssh_err(r)); > + (r = sshbuf_get_u32(e->request, &flags)) != 0) { > + error("%s: couldn't parse request: %s", __func__, ssh_err(r)); > + goto send; > + } > + > if (flags & SSH_AGENT_OLD_SIGNATURE) > compat = SSH_BUG_SIGBLOB; > if ((id = lookup_identity(key)) == NULL) { Thanks Damien, but I?m not sure this is a good fix. Now both cases turn into an error(), but if there is a problem reading the initial pair of strings and u32 value, you really can?t safely keep the connection open to receive additional requests....

...SH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT}, + { "OpenSSH_6.6.1*", SSH_NEW_OPENSSH}, + { "OpenSSH_6.5*," + "OpenSSH_6.6*", SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD}, { "OpenSSH*", SSH_NEW_OPENSSH }, { "*MindTerm*", 0 }, { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| @@ -251,7 +254,6 @@ compat_cipher_proposal(char *cipher_prop return cipher_prop; } - char * compat_pkalg_proposal(char *pkalg_prop) { @@ -263,5 +265,18 @@ compat_pkalg_proposal(char *pkalg_prop) if (*pkalg_prop == '\0') fatal("No supported PK algorithms found...

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

...ervice debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,password debug1: next auth method to try is publickey debug1: try privkey: /home/user1/.ssh/identity debug1: try privkey: /home/user1/.ssh/id_rsa debug1: read PEM private key done: type RSA ssh_rsa_sign: SSH_BUG_SIGBLOB not supported resulting in a failure to use the private key and dropped into password authentication INSTANCE 3) generated DSA public/private key pair using F-SECURE ssh-keygen v 2.0.12 converted the SECSH keys to OpenSSH format using OpenSSH ssh-keygen as follows "ssh-keygen -i -f a_sec...