[lug] ssh Bad packet length?

Hugh Brown hugh at brownclan.org
Thu Jun 20 13:47:31 MDT 2002


Stab in the dark on this one, comments below.




On Tue, 2002-06-18 at 19:17, Anders Knudsen wrote:
> Calling all SSH gurus...
> 
> Am having some SSH problems. When I SSH to my machine at home, I am
> getting "bad packet length" drops, after some time. The disconnect never
> happens immediately, but is not at a consistent time either.
> I am using openssh-3.1p1-3 on the client side, and
> openssh-server-3.1p1-3 on the server (home machine) side (Redhat both
> sides.)

I have had similar problems when ssh was expecting a certain version of
openssl and wasn't getting it (i.e. I rpm -Fvh openssh*rpm and it didn't
like the openssl for version 1 clients).  I also had that happen when I
modified a character in a host key to try and give an example of the
"MIM warning message".

> Appended is output from a session using ssh -v.
> 
> Anyone have any insight to this? Or is it a known problem? I've hunted
> around for answers, but have not found anything yet. Also I've tried
> forcing protocol 2, and tried dsa and rsa keys, but still the problem
> exists. Also, the number reported after the "Bad packet length" message
> is never the same.
> Am I alone? :)
> 
> TIA,
> -Anders.
> 
> [anders at anders anders]$ ssh -v home
> OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
> debug1: Reading configuration data /home/anders/.ssh/config
> debug1: Applying options for home
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Rhosts Authentication disabled, originating port will not be
> trusted.
> debug1: restore_uid
> debug1: ssh_connect: getuid 1000 geteuid 0 anon 1
> debug1: Connecting to xxx.yyy.zzz.107 [xxx.yyy.zzz.107] port 22.
> debug1: temporarily_use_uid: 1000/1000 (e=0)
> debug1: restore_uid
> debug1: temporarily_use_uid: 1000/1000 (e=0)
> debug1: restore_uid
> debug1: Connection established.
> debug1: read PEM private key done: type DSA
> debug1: read PEM private key done: type RSA
> debug1: identity file /home/anders/.ssh/id_rsa type 1
> debug1: identity file /home/anders/.ssh/id_dsa type 2
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_3.1p1
> debug1: match: OpenSSH_3.1p1 pat OpenSSH*
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.1p1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none

Here's the stab in the dark.  It looks like it is using AES as the
algorithm of choice.  PuTTY barfs if I put AES ahead of Blowfish when I
am connecting to OpenSSH.  No idea if it is related, though.


> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 128/256
> debug1: bits set: 1523/3191
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host 'xxx.yyy.zzz.107' is known and matches the RSA host key.
> debug1: Found key in /home/anders/.ssh/known_hosts2:2
> debug1: bits set: 1552/3191
> debug1: ssh_rsa_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue:
> publickey,keyboard-interactive
> debug1: next auth method to try is publickey
> debug1: try pubkey: /home/anders/.ssh/id_rsa
> debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 277 lastkey 0x8090528
> hint 0
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type <unknown>
> Enter passphrase for key '/home/anders/.ssh/id_rsa': 
> debug1: read PEM private key done: type RSA
> debug1: ssh-userauth2 successful: method publickey
> debug1: Connections to local port 5905 forwarded to remote address
> miraculix:5905
> socket: Address family not supported by protocol
> debug1: Local forwarding listening on 127.0.0.1 port 5905.
> debug1: fd 4 setting O_NONBLOCK
> debug1: channel 0: new [port listener]
> debug1: fd 6 setting O_NONBLOCK
> debug1: channel 1: new [client-session]
> debug1: send channel open 1
> debug1: Entering interactive session.
> debug1: ssh_session2_setup: id 1
> debug1: channel request 1: pty-req
> debug1: Requesting X11 forwarding with authentication spoofing.
> debug1: channel request 1: x11-req
> debug1: channel request 1: shell
> debug1: fd 3 setting TCP_NODELAY
> debug1: channel 1: open confirm rwindow 0 rmax 32768
> Last login: Tue Jun 18 15:55:35 2002 from xxx.yyy.zzz.176
> [anders at miraculix anders]$ debug1: Connection to port 5905 forwarding to
> miraculix port 5905 requested.

The port forwarding may be getting interfered with by the routing, as
someone else pointed out.


> debug1: fd 8 setting TCP_NODELAY
> debug1: fd 8 setting O_NONBLOCK
> debug1: channel 2: new [direct-tcpip]
> debug1: channel 2: open confirm rwindow 131072 rmax 32768
> 3ad3 7973 72b3 39a2 80c0 ba46 869e d118
> 
> Disconnecting: Bad packet length 986937715.
> debug1: Calling cleanup 0x8051860(0x0)
> debug1: Calling cleanup 0x8058450(0x0)
> debug1: channel_free: channel 0: port listener, nchannels 3
> debug1: channel_free: channel 1: client-session, nchannels 2
> debug1: channel_free: channel 2: direct-tcpip: listening port 5905 for
> miraculix    port 5905, connect from 127.0.0.1 port 45908, nchannels 1
> debug1: Calling cleanup 0x8063550(0x0)
> [anders at anders anders]$ 
> 
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
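
An added example, not part of the original messages: in SSH protocol 2 each packet begins with a 4-byte big-endian length field, which the receiver reads from the first decrypted block, so the hex line printed just before the disconnect can be checked against the reported number. The function name and the sanity bounds below are assumptions chosen for illustration; the sample log is constructed from the output quoted above.

```python
import re
import struct

# Constructed sample: the last lines of the `ssh -v` output quoted above.
SAMPLE_LOG = """\
> debug1: channel 2: open confirm rwindow 131072 rmax 32768
> 3ad3 7973 72b3 39a2 80c0 ba46 869e d118
>
> Disconnecting: Bad packet length 986937715.
"""

# Assumed sanity bounds for the length field (illustrative values, not taken
# from the thread): at least 1 + 4 bytes, at most 256 KiB.
MIN_PACKET_LEN = 1 + 4
MAX_PACKET_LEN = 256 * 1024

HEX_LINE = re.compile(r"[0-9a-f]{4}(?: [0-9a-f]{4})*")
BAD_LEN = re.compile(r"Bad packet length (-?\d+)\.")


def analyze_bad_packet_length(log_text):
    """Pair each 'Bad packet length' message with the hex dump before it."""
    events, dump = [], b""
    for raw in log_text.splitlines():
        line = raw.lstrip("> ").strip()      # tolerate e-mail quoting
        if not line:
            continue                          # blank lines do not end a dump
        if HEX_LINE.fullmatch(line):
            dump += bytes.fromhex(line.replace(" ", ""))
            continue
        m = BAD_LEN.search(line)
        if m:
            # The client prints the value as a signed int; normalise to uint32.
            reported = int(m.group(1)) & 0xFFFFFFFF
            decoded = struct.unpack(">I", dump[:4])[0] if len(dump) >= 4 else None
            events.append({
                "reported": reported,
                "decoded_from_dump": decoded,
                "dump_matches": decoded == reported,
                "plausible": MIN_PACKET_LEN <= reported <= MAX_PACKET_LEN,
            })
        dump = b""                            # any other line ends the dump
    return events


if __name__ == "__main__":
    for event in analyze_bad_packet_length(SAMPLE_LOG):
        print(event)
```

Here the first four dumped bytes, 3a d3 79 73, decode to exactly the reported 986937715. When the stream is corrupted or the cipher state has drifted, the "length" is four bytes of pseudo-random decrypted data, which is why the number differs on every disconnect.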