John Dunlap
2001-03-21 16:54:21 UTC
OpenSSH-2.5.2.p1 won't connect to OpenSSH-2.5.1p2 using
version 2 protocol, quitting with the error message:
[***@tesla dunlap]$ ssh -2 kraken
7a 90 3f 39 37 67 0d 9e ac 43 74 c3 83 83 f5 a2
Disconnecting: Bad packet length 2056273721.
tesla is Linux tesla.apl.washington.edu 2.2.16-3 #1 Mon Jun 19
19:11:44 EDT 2000 i686 unknown Intel RHL6.2 with OpenSSH-2.5.2.p1
compiled from sources on machine with all RHL6.2 patches. kraken is
SunOS kraken 5.6 Generic_105181-23 sun4u sparc SUNW,Ultra-5_10 with
OpenSSH-2.5.1p2. This problem does not exsist when an OpenSSH-2.5.1p2
client is used from tesla. Nor does it exist when OpenSSH-2.5.2.p1
client is used to an OpenSSH-2.5.1p2 server on RHL6.2.
Here is the result of the faulty (non)connection with full debugging.
Presently I don't have root access to the server machine.
[***@tesla dunlap]$ ssh -v -v -v -2 kraken
OpenSSH_2.5.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 101 geteuid 0 anon 1
debug1: Connecting to kraken [128.95.97.25] port 22.
debug1: Connection established.
debug1: identity file /home/dunlap/.ssh/identity type 0
debug1: unknown identity file /home/dunlap/.ssh/id_dsa
debug1: identity file /home/dunlap/.ssh/id_dsa type -1
debug1: unknown identity file /home/dunlap/.ssh/id_rsa1
debug1: identity file /home/dunlap/.ssh/id_rsa1 type -1
debug1: unknown identity file /home/dunlap/.ssh/id_rsa2
debug1: identity file /home/dunlap/.ssh/id_rsa2 type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p1
debug1: match: OpenSSH_2.5.1p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.5.2p1
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug1: got kexinit: ssh-dss
debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-***@lysator.liu.se
debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-***@lysator.liu.se
debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-***@openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-***@openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit:
debug1: got kexinit:
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1010/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'kraken' is known and matches the DSA host key.
debug1: Found key in /home/dunlap/.ssh/known_hosts2:4
debug1: bits set: 1034/2049
debug1: len 55 datafellows 0
debug1: ssh_dss_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
de 58 63 8c 67 dd 9d 26 c2 f9 23 84 80 d0 94 0b
Disconnecting: Bad packet length -564632692.
debug1: Calling cleanup 0x805e31c(0x0)
version 2 protocol, quitting with the error message:
[***@tesla dunlap]$ ssh -2 kraken
7a 90 3f 39 37 67 0d 9e ac 43 74 c3 83 83 f5 a2
Disconnecting: Bad packet length 2056273721.
tesla is Linux tesla.apl.washington.edu 2.2.16-3 #1 Mon Jun 19
19:11:44 EDT 2000 i686 unknown Intel RHL6.2 with OpenSSH-2.5.2.p1
compiled from sources on machine with all RHL6.2 patches. kraken is
SunOS kraken 5.6 Generic_105181-23 sun4u sparc SUNW,Ultra-5_10 with
OpenSSH-2.5.1p2. This problem does not exsist when an OpenSSH-2.5.1p2
client is used from tesla. Nor does it exist when OpenSSH-2.5.2.p1
client is used to an OpenSSH-2.5.1p2 server on RHL6.2.
Here is the result of the faulty (non)connection with full debugging.
Presently I don't have root access to the server machine.
[***@tesla dunlap]$ ssh -v -v -v -2 kraken
OpenSSH_2.5.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 101 geteuid 0 anon 1
debug1: Connecting to kraken [128.95.97.25] port 22.
debug1: Connection established.
debug1: identity file /home/dunlap/.ssh/identity type 0
debug1: unknown identity file /home/dunlap/.ssh/id_dsa
debug1: identity file /home/dunlap/.ssh/id_dsa type -1
debug1: unknown identity file /home/dunlap/.ssh/id_rsa1
debug1: identity file /home/dunlap/.ssh/id_rsa1 type -1
debug1: unknown identity file /home/dunlap/.ssh/id_rsa2
debug1: identity file /home/dunlap/.ssh/id_rsa2 type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p1
debug1: match: OpenSSH_2.5.1p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.5.2p1
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug1: got kexinit: ssh-dss
debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-***@lysator.liu.se
debug1: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-***@lysator.liu.se
debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-***@openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160,hmac-***@openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit:
debug1: got kexinit:
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1010/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'kraken' is known and matches the DSA host key.
debug1: Found key in /home/dunlap/.ssh/known_hosts2:4
debug1: bits set: 1034/2049
debug1: len 55 datafellows 0
debug1: ssh_dss_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
de 58 63 8c 67 dd 9d 26 c2 f9 23 84 80 d0 94 0b
Disconnecting: Bad packet length -564632692.
debug1: Calling cleanup 0x805e31c(0x0)
--
John Dunlap University of Washington
Senior Electrical Engineer Applied Physics Laboratory
***@apl.washington.edu 1013 NE 40th Street
206-543-7207, 543-1300, FAX 543-6785 Seattle, WA 98105-6698
John Dunlap University of Washington
Senior Electrical Engineer Applied Physics Laboratory
***@apl.washington.edu 1013 NE 40th Street
206-543-7207, 543-1300, FAX 543-6785 Seattle, WA 98105-6698