[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: OpenSSH issues with Solaris 7/8 [LONG!!]
Hah!! That did it!
(A la the wolf from Droopy Dog cartoons) Brainz man, brainz...
Seems that the rijndael/aes code is hosed on either the OpenBSD
side or the Solaris side. Much as I hate to say it, it looks like
it's the OpenBSD side.
Once I removed _all_ aes/rijndael entries in the ssh_config on the
OpenBSD box, I was able to connect to all of my other machines.
(Solaris, Linux, Win32, etc.)
Unfortunately however, I still cannot connect with aes/rijndael from
any other machine back to my OpenBSD boxen. Only with blowfish, 3des
and arcfour. I can still connect with aes/rijndael from/to anything
_except_ OpenBSD, and I can connect with aes/rijndael from/to any
OpenBSD box to another OpenBSD box so long as they both are running
version 2.8 (not v2.7 tho', so this is new in the latest release).
So, does this constitute something I should bug report? Or are the
hard working and underpaid developers of OpenSSL/SSH already burning
the midnight oil to fix this?
Multitudes of thanks,
Ed Vazquez
Seth Arnold wrote:
>
> * Ed Vazquez, Jr. <evazquez@inflow.com> [010123 10:51]:
> > Good suggestion... tried by renaming ~/.profile, ~/.bashrc and
> > /etc/profile to eliminate them from the equation, still the same
> > "Bad packet length" error as when they were active.
>
> *sigh* -- I *REALLY* hoped that would be it. (Mainly since it took me
> months to track that one down. :)
>
> Ok. Now, for a complete shot in the dark, how about removing all
> specifications of ciphers from the config files? I don't know why this
> should make a difference, but if you are feeling bored/tired/frustrated,
> it might not hurt to try.
>
> Good luck man. :)
>
> --
> ``Oh Lord; Ooh you are so big; So absolutely huge; Gosh we're all
> really impressed down here, I can tell you.''