Bug 394 - SSH 2 MAC Error Caused By OpenSSH?
Summary: SSH 2 MAC Error Caused By OpenSSH?
Status: CLOSED INVALID
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: -current
Hardware: SPARC Solaris
: P3 normal
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2002-09-11 22:43 AEST by Edward Moore
Modified: 2004-04-14 12:24 AEST (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Edward Moore 2002-09-11 22:43:57 AEST 
Components: OpenSSH 3.4p1
            PuTTy 0.52 (on client, configred to use SSH2)
            VNC Viewer 3.3.3R2 (ran over SSH)

Effected: Several servers and users all running same config.

Error occurs when using above 3 components together. PuTTy error described in 
the following webpage occurs:
http://www.tartarus.org/~owen/putty-docs/AppendixA.html#A.6

We've tried there recommended fix ("Imitate SSH 2 MAC bug") and this gives the 
MAC error straight away. Could the error relate to a bug in the message 
authentification codes with OpenSSH? If not suggestions welcome.

Regards
Edward Moore

----------------------------------------------------------------------------
dwpprod01:/> pkginfo -l SMCossh
   PKGINST:  SMCossh
      NAME:  openssh
  CATEGORY:  application
      ARCH:  sparc
   VERSION:  3.4p1
   BASEDIR:  /usr/local
    VENDOR:  The OpenSSH Group
    PSTAMP:  Steve Christensen
  INSTDATE:  Aug 23 2002 13:44
     EMAIL:  steve@smc.vnet.net
    STATUS:  completely installed
     FILES:       50 installed pathnames
                   5 shared pathnames
                  11 directories
                  10 executables
                   1 setuid/setgid executables
               11188 blocks used (approx)

dwpprod01:/> uname -a
SunOS dwpprod01 5.8 Generic_108528-15 sun4u sparc SUNW,Sun-Fire-480R
dwpprod01:/>
Comment 1 Markus Friedl 2002-09-11 22:52:00 AEST 
openssh does not have the bug described in
http://www.tartarus.org/~owen/putty-docs/AppendixA.html#A.6


what do you see? what ciphers are used? what hmac? what
does sshd -ddd say when a client connects?

do you have more information?
Comment 2 Edward Moore 2002-09-12 02:18:38 AEST 
> what do you see?
Error message with PuTTy, as detailed. Connection is then terminated by PuTTy.

> what ciphers are used?
We're using RSA 1024 keys with PuTTy. Is this the cypher used for the 
connection?

> what hmac?
what is a hmac? thanks.

> what does sshd -ddd say when a client connects?
I'll get back to you with this -- got to go through change management procedures


------------------------------------------------------------------------------
MORE INFORMATION:
There's no time fixed interval since starting the connection when the problem 
occurs -- it's random but averaging about every 2hrs but only when using VNC 
(so far) -- maybe just because of increased traffic increasing error frequency? 
Error terminates connection.
---
WHY IS THIS PROBABLY OPEN SSH RELATED?
This does not occur nearly as frequent on other servers where using the same 
PuTTy version is communicating with OpenSSH version 3.2.0p1.
---
RMSD-BBP-W03:/> pkginfo -l SMCossh3
   PKGINST:  SMCossh3
      NAME:  openssh
  CATEGORY:  application
      ARCH:  sparc
   VERSION:  3.0.2p1
   BASEDIR:  /usr/local
    VENDOR:  The OpenSSH Group
    PSTAMP:  Steve Christensen
  INSTDATE:  Feb 26 2002 15:09
     EMAIL:  steve@smc.vnet.net
    STATUS:  completely installed
     FILES:     47 installed pathnames
                 7 shared pathnames
                10 directories
                 9 executables
              9667 blocks used (approx)

RMSD-BBP-W03:/>
Comment 3 Markus Friedl 2002-10-05 01:43:34 AEST 
i don't see how this is caused by openssh
Comment 4 Damien Miller 2004-04-14 12:24:18 AEST 
Mass change of RESOLVED bugs to CLOSED