>> >When I try to connect from a new NetBSD/i386 box to some of our servers
>> >which run sshd, I get the following error message. The SSH installation
>> >on the server was installed from binary package for Solaris x86 8.0
>> >available on the net (not my idea).
>> > client% ssh server
>> > Disconnecting: Corrupted HMAC on input.
>> > %
>> >Is this a just a bug, or is this something I should be concerned about?

        it turned out that (by markusopenbsd.org):
        - older ssh.com sshd had bug in HMAC computation
        - ssh.com sshd 2.4 fixes it
        - openssh 2.2.0 thinks that all ssh.com sshd after 2.x to be buggy,
          and put some workaround
        and openssh 2.2.0 and ssh.com sshd 2.4 did not interopearte.
        openssh 2.3.0 has no problem.

        on netbsd-current we have openssh 2.3.0 in-tree, so maybe we should
        do a pullup.

itojun

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]