On Wed, Jun 1, 2016 at 3:22 AM, Dimitris Diochnos <diochnos@xxxxxxxxx>
wrote:
> [...]
> In this sense, both commands are executed with MTU=1500 but ssh does
> behave differently in these two situations without me having to change
> anything in my network configuration.
The thing ssh does differently in these two instances is that when you
don't specify -m, it uses the default MACs list which can be reasonably
long. If you look at the output of ssh -vv you'll see something like this:
debug2: kex_parse_kexinit: umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,
hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,
hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx
,hmac-sha2-256,hmac-sha2-512,hmac-sha1
which in my case is 214 bytes, compared to 24 bytes when you specify
umac64. You'll likely see similar behaviour if you specify the Ciphers
or KexAlgorithms.
> Thus a reasonable (?) guess is
> that perhaps ssh does not set all the necessary flags and options
> correctly when umac-64-etm@xxxxxxxxxxx is set automatically during the
> negotiation
Nope, it doesn't do anything different with regard to network options and
such. You did an good job figuring out that your network is broken, but
that's what you need to fix to resolve your problem.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
