Created attachment 3397
sshd and ssh logs during good and bad transactions

I am running openssh-server 8.1p-1 on a Netgear R7800 router (running DD-WRT). I am having a problem with basic SSH operation with openssh. I have a separate dropbear SSH server running on a different port (which has been rock solid) and configured openssh to use another for testing purposes. I find that about 80% of the time, I can do an ssh operation from my Cygwin laptop to the openssh server with no problem. But the other times I get an error "incorrect signature" which tells me the server sometimes returns a different signature than my client expected. I was able to capture debug logging on both the SSH client and the SSH server when I executed "ssh router ls -a" for both good and bad (failed with incorrect signature) transactions.
This could be a problem with libcrypto's signature generation or verification. IMO the first step would be to figure out whether it is the client or the server that is going wrong. Could you try a different client (e.g. openssh on Linux, or PuTTY on Windows)? If the problem persists then it's likely the server is at fault.
I did repeated sessions with Windows PuTTY release 7.0. I got about the same frequency of failures with the message: "Server's host key did not match the signature supplied." So it sounds like the issue is with the server.
Did you compile openssh/openssl yourself or did you use DD-WRT's packages? If you compiled OpenSSL yourself, then please run its self-tests and see if they catch anything. Likewise OpenSSH ("make tests" after building). If you're using DD-WRT's pre-built packages then I recommend either filing a bug on their bug tracking system or building your own openssl/openssh so you can run the above self-tests.
I used the pre-compiled package provided by the Entware system in DD-WRT (https://github.com/Entware/Entware). I will enter a bug in their system, but I fear they don't do much except compile pre-existing applications and make them available through the "opkg" command.
By the way, regarding "make tests" - does that work in a cross-compile environment?
(In reply to Steven C from comment #5)
> By the way, regarding "make tests" - does that work in a
> cross-compile environment?

No, the tests rely on being able to run the built executables from the Makefiles.
(In reply to Steven C from comment #4)
> I used the pre-compiled package provided by the Entware system in
> DD-WRT (https://github.com/Entware/Entware).
>
> I will enter a bug in their system, but I fear they don't do much
> except compile pre-existing applications and make them available
> through the "opkg" command.

They apply a dozen patches to their openssl, including some to the crypto engines: https://github.com/Entware/Entware/tree/master/package/libs/openssl/patches, some of which invoke /dev/crypto and based on the kernel logs from https://openwrt.org/toh/netgear/r7800 it looks like your device has crypto hardware, so all of libcrypto, the kernel and the hardware are potential causes too.

I'd suggest trying the other host key types and see if the problem occurs with all of them or only a subset.

I've also seen similar problems caused by bad ram and buggy compilers. There's an awful lot of variables, and if you can't change sshd you won't be able to eliminate many of them.
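One way to act on the "try the other host key types" suggestion, as an added example that is not part of this thread: a small POSIX shell script that runs a harmless command over ssh repeatedly for each host key algorithm the server offers and tallies how many runs fail with "incorrect signature", so the fault can be narrowed to one key type. The host, port and trial count are assumptions passed in via environment variables, and key-based authentication is assumed so that BatchMode works without prompting.

```shell
#!/bin/sh
# Added diagnostic, not code from the bug thread. Assumed inputs:
#   SSH_HOST   host to test (required)
#   SSH_PORT   port of the openssh server under test (default 22)
#   SSH_TRIALS runs per host key algorithm (default 20)

# classify_run STATUS STDERR: label one ssh run as ok / bad_signature / other_error.
classify_run() {
    if [ "$1" -eq 0 ]; then
        echo ok
    elif printf '%s' "$2" | grep -qi 'incorrect signature'; then
        echo bad_signature
    else
        echo other_error
    fi
}

# tally: read one label per line on stdin, print counts for the three labels.
tally() {
    awk '{ c[$1]++ }
         END { printf "ok=%d bad_signature=%d other_error=%d\n",
                      c["ok"], c["bad_signature"], c["other_error"] }'
}

# run_trials HOST PORT COUNT: for each key type ssh-keyscan reports, run
# "true" over ssh COUNT times pinned to that HostKeyAlgorithms value.
run_trials() {
    host=$1; port=$2; count=$3
    algos=$(ssh-keyscan -p "$port" "$host" 2>/dev/null | awk '{ print $2 }' | sort -u)
    for algo in $algos; do
        i=0
        labels=""
        while [ "$i" -lt "$count" ]; do
            rc=0
            # keep only stderr; the "incorrect signature" message is printed there
            err=$(ssh -p "$port" -o BatchMode=yes -o HostKeyAlgorithms="$algo" \
                      "$host" true 2>&1 >/dev/null) || rc=$?
            labels="$labels$(classify_run "$rc" "$err")
"
            i=$((i + 1))
        done
        printf '%s: %s' "$algo" "$(printf '%s' "$labels" | tally)"; echo
    done
}

if [ -n "${SSH_HOST:-}" ]; then
    run_trials "$SSH_HOST" "${SSH_PORT:-22}" "${SSH_TRIALS:-20}"
fi
```

A key type that fails while the others stay clean points at that signature path (or the crypto engine patch behind it); failures spread evenly across all types are more consistent with the memory, compiler or kernel causes mentioned above.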
(In reply to Darren Tucker from comment #6)
> No, the tests rely on being able to run the built executables from
> the Makefiles.

actually, in theory if you copied the build directory in its entirety and had the required tools (at least make, but probably others) then it might be possible to run it on the device. I have in the past done native builds and tests on openwrt, but it took some setting up and it's far from an ideal platform.