Subject: Re: error: Corrupted MAC on input. [preauth]

Re: error: Corrupted MAC on input. [preauth]

From: Peter Stuge <peter_at_stuge.se>
Date: Wed, 19 May 2021 20:23:47 +0000

Hi Eric,

libssh_at_bentleyemail.net wrote:
> I have an embedded linux project using buildroot which I've included
> libssh2 in. The current configuration also is using dropbear.
> I am attempting to use curl with scp to retrieve a file stream but am
> getting an error.

Thank you for reporting! If master still has this issue we need to fix it
before release, which should be quite soon.

> curl: (2) Failure establishing ssh session: -43,
> I turned sshd debug up to level 3 and see: the error
> Corrupted MAC on input. [preauth] (full error log at end of this post)
..
> sshd[361421]: debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none [preauth]
..
> sshd[361421]: debug1: SSH2_MSG_NEWKEYS received [preauth]
> sshd[361421]: debug2: set_newkeys: mode 0 [preauth]
> sshd[361421]: debug1: rekey in after 4294967296 blocks [preauth]
> sshd[361421]: debug1: KEX done [preauth]
> sshd[361421]: Corrupted MAC on input. [preauth]

Please provide us with more information:

What processor does your embedded system have? In particular endianess
and native bit size (32/64?)

What MAC is negotiated by the dropbear and OpenSSH clients you tested?

Are results identical with a server running an unpatched upstream OpenSSH?

Thank you and kind regards

//Peter
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2021-05-19