Re: "Bad packet length 1231976033"

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Sorry about taking so long to get back to you.  The problem is sporadic and I've had other fires to put out first...

Here's a PCAP of authentication failures:

https://www.redfish-solutions.com/misc/kvm1.pcap



> On Apr 9, 2023, at 1:21 AM, Brian Candler <b.candler@xxxxxxxxx> wrote:
> 
> On 09/04/2023 02:20, Philip Prindeville wrote:
>> What's odd is that the length is*always*  1231976033 (which is 0x496E7661 or "Inva" in ASCII).
> 
> Could you get a tcpdump when this happens? Then maybe more of the error can be captured.
> 
> I grepped for Inva in the source code. There are lots of error messages which start with this which are sent with error() or fatal() or fprint(stderr, ...), but two which stand out as being a bit different:
> 
> # kex.c
> 
>  invalid:
>                 send_error(ssh, "Invalid SSH identification string.");
> 
> # packet.c
> 
>         if (*typep < SSH2_MSG_MIN || *typep >= SSH2_MSG_LOCAL_MIN) {
>                 if ((r = sshpkt_disconnect(ssh,
>                     "Invalid ssh2 packet type: %d", *typep)) != 0 ||
> 
> If it happens to be either of these, then the tcpdump showing the exchange prior to this point would be enlightening.
> 

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux