I'm having trouble with interoperability between SSH-2.4.0 and
OpenSSH-2.2.0 as it appears in NetBSD-1.5.1, aka
NetBSD_Secure_Shell-20001003:

21:23 [104] $ ssh2 -v -m hmac-sha1 whome.planix.com
debug: hostname is 'whome.planix.com'.
debug: Unable to open /home/most/woods/.ssh2/ssh2_config
debug: connecting to whome.planix.com...
debug: entering event loop
debug: ssh_client_wrap: creating transport protocol
debug: SshAuthMethodClient/sshauthmethodc.c:117/ssh_client_authentication_initialize: Added "hostbased" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:117/ssh_client_authentication_initialize: Added "publickey" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:117/ssh_client_authentication_initialize: Added "password" to usable methods.
debug: Ssh2Client/sshclient.c:1142/ssh_client_wrap: creating userauth protocol
debug: Ssh2Common/sshcommon.c:502/ssh_common_wrap: local ip = 204.92.254.15, local port = 51951
debug: Ssh2Common/sshcommon.c:504/ssh_common_wrap: remote ip = 204.29.161.33, remote port = 22
debug: SshConnection/sshconn.c:1866/ssh_conn_wrap: Wrapping...
debug: Ssh2Transport/trcommon.c:599/ssh_tr_input_version: Remote version: SSH-1.99-OpenSSH_2.2.0 NetBSD_Secure_Shell-20001003
debug: Ssh2Transport/trcommon.c:789/ssh_tr_input_version: Remote version has rekey incompatibility bug.
debug: Ssh2Transport/trcommon.c:1120/ssh_tr_negotiate: c_to_s: cipher 3des-cbc, mac hmac-sha1, compression none
debug: Ssh2Transport/trcommon.c:1123/ssh_tr_negotiate: s_to_c: cipher 3des-cbc, mac hmac-sha1, compression none
debug: Ssh2Client/sshclient.c:406/keycheck_key_match: Host key found from database.
debug: Ssh2Common/sshcommon.c:137/ssh_common_disconnect: DISCONNECT received: Message authentication check fails.
warning: Authentication failed.
debug: Ssh2/ssh2.c:85/client_disconnect: locally_generated = TRUE
Disconnected; MAC error (Message authentication check fails.).
debug: uninitializing event loop

        Feb 20 21:38:11 whome sshd[18858]: Disconnecting: Corrupted HMAC on input.

If I change the MAC to hmac-md5, it works:

21:56 [105] $ ssh2 -v -m hmac-md5 whome.planix.com  
debug: hostname is 'whome.planix.com'.
debug: Unable to open /home/most/woods/.ssh2/ssh2_config
debug: connecting to whome.planix.com...
debug: entering event loop
debug: ssh_client_wrap: creating transport protocol
debug: SshAuthMethodClient/sshauthmethodc.c:117/ssh_client_authentication_initialize: Added "hostbased" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:117/ssh_client_authentication_initialize: Added "publickey" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:117/ssh_client_authentication_initialize: Added "password" to usable methods.
debug: Ssh2Client/sshclient.c:1142/ssh_client_wrap: creating userauth protocol
debug: Ssh2Common/sshcommon.c:502/ssh_common_wrap: local ip = 204.92.254.15, local port = 51896
debug: Ssh2Common/sshcommon.c:504/ssh_common_wrap: remote ip = 204.29.161.33, remote port = 22
debug: SshConnection/sshconn.c:1866/ssh_conn_wrap: Wrapping...
debug: Ssh2Transport/trcommon.c:599/ssh_tr_input_version: Remote version: SSH-1.99-OpenSSH_2.2.0 NetBSD_Secure_Shell-20001003
debug: Ssh2Transport/trcommon.c:789/ssh_tr_input_version: Remote version has rekey incompatibility bug.
debug: Ssh2Transport/trcommon.c:1120/ssh_tr_negotiate: c_to_s: cipher 3des-cbc, mac hmac-md5, compression none
debug: Ssh2Transport/trcommon.c:1123/ssh_tr_negotiate: s_to_c: cipher 3des-cbc, mac hmac-md5, compression none
debug: Ssh2Client/sshclient.c:406/keycheck_key_match: Host key found from database.
debug: Ssh2Common/sshcommon.c:306/ssh_common_special: Received SSH_CROSS_STARTUP packet from connection protocol.
debug: Ssh2Common/sshcommon.c:356/ssh_common_special: Received SSH_CROSS_ALGORITHMS packet from connection protocol.
debug: Unable to open /home/most/woods/.ssh2/identification
debug: Ssh2AuthClient/sshauthc.c:309/ssh_authc_completion_proc: Method 'publickey' disabled.
debug: Ssh2AuthPasswdClient/authc-passwd.c:92/ssh_client_auth_passwd: Starting password query...
[EMAIL PROTECTED]'s password: 

I see the following note in the CHANGES file which would seem to hint
that the problem I'm encountering was fixed long ago:

        2000-11-27  Sami J. Lehtinen  <[EMAIL PROTECTED]>

        [[ .... ]]      

                * Fixed SHA-1 key length. Now we are compatible with OpenSSH and
                  the new drafts.

Is this a NetBSD problem, an OpenSSH problem, or what?

(Next I'm off to find out why SSH-2.4.0's sshd crashes when I try to
connect to it from NetBSD's ssh....)

-- 
                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <[EMAIL PROTECTED]>      <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>
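
Added example, not part of the original post and not code from either SSH implementation: a sketch of how a disagreement over the hmac-sha1 key length, which the quoted CHANGES entry hints at, would give a MAC failure with hmac-sha1 while hmac-md5 still works. It follows the key derivation and packet MAC of the SSH transport draft (later RFC 4253). Assumptions: the two lengths are 16 and 20 bytes (the post only says the "SHA-1 key length" was fixed), the values of K, H and the packet are constructed, and all function names are hypothetical.

```python
import hashlib
import hmac
import struct

# Constructed sample values; a real session takes K and H from the key exchange.
K = struct.pack(">I", 4) + bytes.fromhex("1a2b3c4d")  # shared secret, mpint-encoded
H = hashlib.sha1(b"constructed exchange hash").digest()
SESSION_ID = H  # the first exchange hash of a connection is its session id

DIGESTS = {"hmac-sha1": hashlib.sha1, "hmac-md5": hashlib.md5}


def integrity_key(letter: bytes, key_len: int) -> bytes:
    """Derive HASH(K || H || letter || session_id), extended or cut to key_len."""
    out = hashlib.sha1(K + H + letter + SESSION_ID).digest()
    while len(out) < key_len:  # extension rule: append HASH(K || H || key_so_far)
        out += hashlib.sha1(K + H + out).digest()
    return out[:key_len]


def packet_mac(alg: str, key_len: int, seq: int, packet: bytes) -> bytes:
    """MAC over the 32-bit sequence number followed by the unencrypted packet."""
    key = integrity_key(b"E", key_len)  # "E" = client-to-server integrity key
    return hmac.new(key, struct.pack(">I", seq) + packet, DIGESTS[alg]).digest()


def peers_agree(alg: str, sender_key_len: int, receiver_key_len: int) -> bool:
    """True when the receiver's recomputed MAC matches the one the sender attached."""
    # Constructed SSH_MSG_IGNORE packet: length 12, padding 6, type 2, empty string.
    packet = b"\x00\x00\x00\x0c\x06\x02" + b"\x00" * 10
    sent = packet_mac(alg, sender_key_len, 3, packet)
    expected = packet_mac(alg, receiver_key_len, 3, packet)
    return hmac.compare_digest(sent, expected)


if __name__ == "__main__":
    # Key lengths below are the assumed ones, not values taken from the post.
    for alg, a, b in [("hmac-sha1", 20, 16), ("hmac-sha1", 20, 20), ("hmac-md5", 16, 16)]:
        verdict = "MAC ok" if peers_agree(alg, a, b) else "MAC check fails"
        print(f"{alg}: sender key {a} bytes, receiver key {b} bytes -> {verdict}")
```

Both sides derive the same key material, so the only difference is how many bytes each feeds to HMAC; the first protected packet then fails verification, which matches the point in the session where the disconnect appears in the hmac-sha1 log above.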
