Bug 3249

Summary: openssh support for openssl 3.0 (alpha 6)
Product: Portable OpenSSH Reporter: rajesh satya <rajesh.satya>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED DUPLICATE    
Severity: major CC: djm, mkl
Priority: P5    
Version: 8.4p1   
Hardware: Other   
OS: Linux   

Description rajesh satya 2021-01-05 23:45:28 AEDT 
After upgrade to openssl 3.0 (alpha 6), openssh login fails.

Bad Packet length: 1868080485
debug3: send packet type 1
ssh_dispatch_run_fatal: connection to <IP> port 22: connection corrupted

I enabled debug logging to DEBUG3, but this is the only failure message i am seeing.

Openssh version: 8.4p1
openssl version: 3.0.0-alpha6

If there is already a plan to support openssl 3.0, kindly share
Comment 1 rajesh satya 2021-01-06 17:52:26 AEDT 
Some debugging logs:

sshd[1088]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
sshd[1088]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
sshd[1088]: debug3: receive packet: type 21 [preauth]
sshd[1088]: debug1: SSH2_MSG_NEWKEYS received [preauth]
sshd[1088]: debug2: set_newkeys: mode 0 [preauth]
sshd[1088]: debug1: rekey in after 4294967296 blocks [preauth]
sshd[1088]: debug1: KEX done [preauth]
sshd[1088]: debug3: receive packet: type 5 [preauth]
sshd[1088]: debug3: send packet: type 6 [preauth]
sshd[1088]: Connection closed by <IP> port 48946 [preauth]   ---> error happening here
sshd[1088]: debug1: do_cleanup [preauth]
sshd[1088]: debug3: PAM: sshpam_thread_cleanup entering [preauth]
sshd[1088]: debug1: monitor_read_log: child log fd closed

With openssl 1.1.1g/1.1.1i, it was working fine.
Problem with openssl-3.0.0 (tried alpha6)

Kindly suggest.
Comment 2 Damien Miller 2021-01-07 14:08:58 AEDT 
We're waiting for OpenSSL to rename an incompatible API

https://github.com/openssl/openssl/issues/13411

Until then, please consider OpenSSL 3.* unsupported by OpenSSH.
Comment 3 Damien Miller 2021-01-08 13:11:29 AEDT 

*** This bug has been marked as a duplicate of bug 3238 ***
Comment 4 Marc Kleine-Budde 2021-01-08 19:14:45 AEDT 
Hey rajesh,

a recent openssl + patch "v2" from https://bugzilla.mindrot.org/show_bug.cgi?id=3238 works for me.
Comment 5 rajesh satya 2021-01-08 20:05:57 AEDT 
I tried the same of v2 patch, the issue still persists.
Comment 6 Marc Kleine-Budde 2021-01-08 23:59:24 AEDT 
Forgot to mention, that chacha20 is broken, too. Make sure to use recent openssl together with my patches:

https://github.com/marckleinebudde/openssh-portable/tree/workaround-openssl-3
Comment 7 Damien Miller 2021-03-04 09:51:38 AEDT 
close bugs that were resolved in OpenSSH 8.5 release cycle