Peter Gutmann wrote: > Darren Tucker <dtucker@xxxxxxxxxx> writes: > >> That's a vendor-modified version of OpenSSH. Assuming it corresponds to >> what's in FreeBSD head, there's about a thousand lines of changes. > Ugh. > >> Can you reproduce the problem with an unmodified version from openssh.com? >> Failing that, can you get the server-side debug output from a failing >> connection (ie /path/to/sshd -ddd)? > I've cc'd this to the person who reported it in case he can shed more light on > the specifics, in the meantime here's the level 3 debug output that he > provided me with (this was previously posted to a public mailing list so I'm > assuming it's not sensitive): The problem was originally reported via IRC against "a couple different Linux distros", and I found I could reproduce with my FreeBSD 11 box so I added a local patch to work around it, sent it to the reporter who confirmed that it solved his issue. I can try to find out the specific distros, though I suspect they have vendor patches as well. His system also had all the CBC ciphers disabled by default, including the mandatory 3des-cbc and recommended aes128-cbc, so I suspect a reaction to some padding oracle attack (I don't really keep up) was involved on his systems. It seems that Cryptlib only does CBC, so I had to walk him through re-enabling those. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev