Damien Miller <d...@mindrot.org> writes: >The seems unlikely, since we don't use OpenSSL for AES-CTR in OpenSSH. I >don't think OpenSSL even supports a CTR mode through its EVP API.
I first saw it reported on the Putty bugs list [0], a good place to track interop problems with implementations since it's so widely used, which in turn points to https://bugzilla.mindrot.org/show_bug.cgi?id=1291: Connections from "OpenSSH_4.5p1, OpenSSL 0.9.8d 28 Sep 2006" to "OpenSSH_4.5p1, OpenSSL 0.9.8e 23 Feb 2007" using "aes256-ctr" fail with "Bad packet length". The same problem occurs when using PuTTY 0.59 against the newer server. PuTTY users have reported this problem too, with servers on both FreeBSD and Linux, and with OpenSSH versions back to 4.0. In fact it was listed as closed and resolved by, uh, one Damien Miller :-). Peter. [0] Meaing "bugs encountered while using Putty", not necessarily "bugs in Putty". --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
