Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 34797 - linux openssh-2.5.2p2-1.7 can't connect to solaris openssh-2.5.1p1
linux openssh-2.5.2p2-1.7 can't connect to solaris openssh-2.5.1p1
Product: Red Hat Linux
Classification: Retired
Component: openssh (Show other bugs)
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Nalin Dahyabhai
: 36298 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2001-04-04 22:18 EDT by Herrick, Andrew
Modified: 2008-05-01 11:38 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-04-18 13:42:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
This problem is fixed by this additional patch (2.38 KB, patch)
2001-04-14 15:08 EDT, Pekka Savola
no flags Details | Diff

  None (edit)
Description Herrick, Andrew 2001-04-04 22:18:13 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2 i686; en-US; 0.8.1) Gecko/20010322

I updated my i386 redhat linux 7.0 boxes (running kernel 2.4.[1-2]) to
openssh-2.5.2p2-1.7 and am now unable to connect to my solaris 8 machines
running openssh-2.5.1p1. The linux boxes are running frrom rpm:
openssh-2.5.2p2-1.7.i386.rpm. The solaris boxes got openssh 2.5.1p1 from:


The error message received reads:

Received disconnect from ip.add.ress.here: 2: Bad packet length 1058263357.

This only happens when trying to connect from linux to solaris. I can
connect from solaris to an upgraded linux box. I am able to connect from
linux using any previous version of the openssh rpm.

Reproducible: Always
Steps to Reproduce:
1.Install upgraded openssh rpm
2.Install latest sunfreeware openssh package
3.Attempt to connect from linux to solaris
4.Be gripped by dissapointment :)

Actual Results:  Received error message:

Received disconnect from xxx.xxx.xxx.xxx: 2: Bad packet length 1058263357.

Expected Results:  Should have gotten a password prompt.

I have nothing further.
Comment 1 Arend Smit 2001-04-05 07:00:32 EDT
This bug also surfaces with a HPUX version of 

When trying to connect from a RH7 box to the HPUX box the same thing happens.

tail from ssh -v -v -v user@HPUX

debug1: bits set: 1051/2049
debug1: len 55 datafellows 4096
debug1: ssh_dss_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
Received disconnect from 2: Bad packet length 2122562889.
debug1: Calling cleanup 0x80615d0(0x0)

Interim solution is to use:
ssh -1 user@HPUX
if the host hasn't disabled the ssh 1 protocol.
Comment 2 Pekka Savola 2001-04-06 04:45:24 EDT
This caused by buggy aes/rijndael implementation in openssh < 2.5.2p2.

There was a patch for this (aes-compat.diff), but unfortunately, it does not

If you apply the patch:

 - (djm) OpenBSD CVS Sync
   - stevesk@cvs.openbsd.org 2001/03/29 21:06:21
	[sshconnect2.c sshd.c]
     need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@

It will work; I tried this by grabbing:


and ignoring the first reject.
Comment 3 Pekka Savola 2001-04-06 04:46:09 EDT
Note: you can also get around the problem by defining Ciphers statically, e.g.,
in ssh_config:

Ciphers blowfish-cbc,arcfour

No problems then.
Comment 4 Herrick, Andrew 2001-04-08 13:31:09 EDT
There are new packages on sunfreeware:


These are not listed on the main sunfreeware web page, but they are up on the
ftp site. I have tested with these new packages and the latest RPM updates for
Redhat 7.0 (openssh-2.5.2p2-1.7.2.i386.rpm). Everything appears to be working
smoothly. Hope this helps someone out there! I think this bug should probably be
closed, but will leave it up to the ASSIGNED contact. Thanks!
Comment 5 Pekka Savola 2001-04-14 15:08:59 EDT
Created attachment 15364 [details]
This problem is fixed by this additional patch
Comment 6 Pekka Savola 2001-04-18 13:41:57 EDT
*** Bug 36298 has been marked as a duplicate of this bug. ***
Comment 7 Pekka Savola 2001-05-11 16:43:26 EDT
The compatibility mode is fixed in Rawhide openssh-2.9p1-1.
Comment 8 Gerald Teschl 2001-06-07 05:57:27 EDT
The same problem shows up when conntecting to a box running
AIX 4 and OpenSSH_2.3.0p1. Could you (RH) please issue errata packages for 7.1.
Comment 9 Pekka Savola 2001-06-07 06:20:22 EDT
There were security problems found (you could delete other people's 'cookies'
file due
to X11 forwarding) lately, so this is probably going to happen, I think.

Note You need to log in before you can comment on or make changes to this bug.