There appears to be a problem with the "ssh" from OpenSSH (versions 2.1.1 and 2.1.0 at least) interworking with "sshd" 2.2.0. The problem doesn't exist with "sshd" from 2.1.0 What I'm seeing is the "ssh" fail with... Disconnecting: Corrupted HMAC on input. I've attached the output from "ssh-v" as ssh.txt At the server end, I'm logging... Jun 23 12:15:35 dird sshd[13574]: Local disconnected: Message authentication check fails. Jun 23 12:15:35 dird sshd[13574]: MAC failed in local, disconnecting: 'Message authentication check fails.' Verbose logging in attached as sshd.txt (both attachments are UNIX format). Can anybody help me with diagnosing what's wrong? Cheers, Richard Hopkins, Computing Service, University of Bristol, Bristol, BS8 1UD, UK Tel +44 117 928 7859 Fax +44 117 929 1576 RFC-822: [EMAIL PROTECTED]
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0. Compiled with SSL (0x00905100). debug: Reading configuration data /usr/local/etc/ssh_config debug: Applying options for * debug: loaded 19 entropy commands from /usr/local/etc/ssh_prng_cmds debug: Seeding random number generator. debug: OpenSSL random status is now 0 debug: 3 bytes from system calls debug: 34 bytes from programs debug: OpenSSL random status is now 1 debug: loading PRNG seed from file /home/ccrjh/.ssh/prng_seed debug: ssh_connect: getuid 405 geteuid 0 anon 0 debug: Connecting to dird [137.222.10.59] port 22. debug: Seeding random number generator. debug: OpenSSL random status is now 1 debug: 3 bytes from system calls debug: 34 bytes from programs debug: OpenSSL random status is now 1 debug: Allocated local port 832. debug: Connection established. debug: Remote protocol version 2.0, remote software version 2.2.0 SSH Secure Shell (non-commercial) Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.1.1 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,3des-ecb,3des-cfb,3des-ofb,blowfish-ecb,blowfish-cfb,blowfish-ofb,des-ecb,des-cbc,des-cfb,des-ofb,twofish-ecb,twofish-cfb,twofish-ofb debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,3des-ecb,3des-cfb,3des-ofb,blowfish-ecb,blowfish-cfb,blowfish-ofb,des-ecb,des-cbc,des-cfb,des-ofb,twofish-ecb,twofish-cfb,twofish-ofb debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,hmac-sha1-96,hmac-ripemd160,hmac-ripemd160-96,sha1-8,sha1,md5-8,md5,ripemd160-8,ripemd160 debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,hmac-sha1-96,hmac-ripemd160,hmac-ripemd160-96,sha1-8,sha1,md5-8,md5,ripemd160-8,ripemd160 debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 0 debug: reserved: 0 debug: done debug: kex: server->client 3des-cbc hmac-sha1 none debug: kex: client->server 3des-cbc hmac-sha1 none debug: Sending SSH2_MSG_KEXDH_INIT. debug: bits set: 483/1024 debug: Wait SSH2_MSG_KEXDH_REPLY. debug: Got SSH2_MSG_KEXDH_REPLY. debug: keytype ssh-dss debug: keytype ssh-dss debug: keytype ssh-dss debug: Host 'dird' is known and matches the DSA host key. debug: bits set: 507/1024 debug: len 55 datafellows 0 debug: dsa_verify: signature correct debug: Wait SSH2_MSG_NEWKEYS. debug: GOT SSH2_MSG_NEWKEYS. debug: send SSH2_MSG_NEWKEYS. debug: done: send SSH2_MSG_NEWKEYS. debug: done: KEX2. debug: send SSH2_MSG_SERVICE_REQUEST Disconnecting: Corrupted HMAC on input. debug: Calling cleanup 0x5581c(0x0) debug: Calling cleanup 0x5e2e8(0x0) debug: writing PRNG seed to file /home/ccrjh/.ssh/prng_seed
debug: Reading private host key from /etc/ssh2/hostkey debug: Key comment: 1024-bit dsa hostkey debug: SshUnixConfig/sshunixconfig.c:270/ssh_server_load_host_key: Reading public host key from: /etc/ssh2/hostkey.pub debug: Becoming server. debug: Creating listener debug: Listener created debug: no udp listener created. debug: Running event loop debug: Sshd2/sshd2.c:575/new_connection_callback: new_connection_callback debug: Sshd2/sshd2.c:727/new_connection_callback: Wrapping stream with ssh_server_wrap... debug: ssh_server_wrap: creating transport protocol debug: SshAuthMethodServer/sshauthmethods.c:93/ssh_server_authentication_initialize: Added "publickey" to usable methods. debug: SshAuthMethodServer/sshauthmethods.c:93/ssh_server_authentication_initialize: Added "password" to usable methods. debug: ssh_server_wrap: creating userauth protocol debug: Ssh2Common/sshcommon.c:350/ssh_common_wrap: local ip = 137.222.199.99, local port = 22 debug: Ssh2Common/sshcommon.c:352/ssh_common_wrap: remote ip = 137.222.199.139, remote port = 980 debug: SshConnection/sshconn.c:1853/ssh_conn_wrap: Wrapping... debug: Sshd2/sshd2.c:738/new_connection_callback: done. debug: new_connection_callback returning debug: Ssh2Transport/trcommon.c:593/ssh_tr_input_version: Remote version: SSH-2.0-OpenSSH_2.1.1 debug: Ssh2Common/sshcommon.c:132/ssh_common_disconnect: DISCONNECT received: Message authentication check fails. debug: Sshd2/sshd2.c:89/server_disconnect: locally_generated = TRUE debug: Exiting event loop
