Bug 21509 - openssh-2.3.0p1-4 does not connect to ssh-2.1.0.pl2
openssh-2.3.0p1-4 does not connect to ssh-2.1.0.pl2
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: openssh (Show other bugs)
7.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
: 21784 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-11-30 06:55 EST by Sarantis Paskalis
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-12-06 02:43:39 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Sarantis Paskalis 2000-11-30 06:55:43 EST
Here are the attempts.  Used to work with openssh-2.1.1p4-1.

redhat-linux-7$ ssh host.foo.com
autodetect SSH_BUG_SIGBLOB
Received packet with bad string length -1570970969

redhat-linux-7$ ssh -v host.foo.com
SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /home/sarantis/.ssh/config
debug: Applying options for *
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying options for *
ebug: Seeding random number generator
debug: ssh_connect: getuid 501 geteuid 0 anon 0
debug: Connecting to host.foo.com [xxx.xxx.xxx.xxx] port 22.
debug: Allocated local port 1023.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version 2.1.0.pl2 SSH
Secure Shell (non-commercial)
debug: match: 2.1.0.pl2 SSH Secure Shell (non-commercial) pat ^2\.

Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-2.0-OpenSSH_2.3.0p1
debug: Seeding random number generator
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug: got kexinit: hmac-md5,md5-8,none
debug: got kexinit: hmac-md5,md5-8,none
debug: got kexinit: none,zlib
debug: got kexinit: none,zlib
debug: got kexinit: 
debug: got kexinit: 
debug: first kex follow: 0 
debug: reserved: 0 
debug: done
debug: kex: server->client 3des-cbc hmac-md5 none
debug: kex: client->server 3des-cbc hmac-md5 none
debug: Sending SSH2_MSG_KEXDH_INIT.
debug: bits set: 495/1024
debug: Wait SSH2_MSG_KEXDH_REPLY.
debug: Got SSH2_MSG_KEXDH_REPLY.
debug: Host 'host.foo.com' is known and matches the DSA host key.
debug: bits set: 497/1024
autodetect SSH_BUG_SIGBLOB
debug: len 40 datafellows -2
Received packet with bad string length 1391165797
debug: Calling cleanup 0x805f3c0(0x0)
Comment 1 Pekka Savola 2000-12-01 15:29:50 EST
Does it work if you change the following in compat.c:

---
                { "^2\\.1\\.0 ",        SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
                                        SSH_OLD_SESSIONID },
---

to:

---
                { "^2\\.1\\.0",        SSH_BUG_SIGBLOB|SSH_BUG_HMAC|
                                        SSH_OLD_SESSIONID },
---
and recompile?

ie. remove the space after ^2\\.1\\.0 ?  

A change causing this was committed to OpenBSD CVS on Oct 10, so this could probably be it.
Your sshd is detected as a fallback case "^2\\.".

Comment 2 Sarantis Paskalis 2000-12-02 10:51:25 EST
Yes!  The patch above proposed by <pekkas@netcore.fi> did the trick.
It seems that 2.1.0.pl2 also exhibits that SIGBLOB bug.
Thanks.

Sarantis
Comment 3 Pekka Savola 2000-12-03 17:00:27 EST
Fixed in the latest OpenSSH snapshots, too.
Comment 4 Pekka Savola 2000-12-06 02:43:36 EST
*** Bug 21784 has been marked as a duplicate of this bug. ***
Comment 5 Pekka Savola 2001-02-24 03:21:57 EST
This has been fixed in 2.5.1p1 which is (will be) in rawhide.

Note You need to log in before you can comment on or make changes to this bug.