New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MAC Cipher umac-128-etm@openssh.com does not correctly work #603
Comments
Hi, I have 3 different version of OpenSSH installed servers. My client and servers environment here.
From Windows10 cmd.exe, I typed command like below and was able to connect to my servers successfully.
I have no changes to my /etc/ssh/sshd_config. |
@kinichiro I think this can be only reproduced when using cipher
|
@jansohn Thanks.
|
On Ubuntu18 server, that runs OpenSSH_7.6p1 with OpenSSL 1.0.2n,
And this ssh client using
I believe this issue is specific to Windows build. |
@kinichiro no, I don't think this issue should be closed as it seems to be a specific problem with LibreSSL. The problematic combination works for example with the Git for Windows ssh binary which uses OpenSSL instead of LibreSSL.
|
@jansohn Can you tell or provide link about the procedure to build that Windows ssh ? |
@kinichiro I'm not very familiar with the build process but afaik @bagajjal is. |
I can provide support for building ssh with libressl on Windows to help debug this. The latest release of OpenSSH for Windows with LibreSSL is available at https://github.com/powershell/win32-OpenSSH/releases/ Also if it's been too long since this issue was opened, and we should open another one - let me know! |
I can confirm that this issue is still present PS C:\Users\mtinberg> ssh -V
OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2
PS C:\Users\mtinberg> ssh -m umac-128-etm@openssh.com host.example.com
Corrupted MAC on input.
ssh_dispatch_run_fatal: Connection to 192.0.2.101 port 22: message authentication code incorrect
PS C:\Users\mtinberg> ssh -m hmac-sha2-512-etm@openssh.com host.example.com
[mtinberg@host ~]$ |
It would be interesting to know if this issue goes away if LibreSSL is compiled with -DOPENSSL_SMALL_FOOTPRINT. I do not currently have access to a Windows platform, nor do I have time to do a lot of debugging for this issue myself, but if someone could confirm this, I think I have an idea how to fix this properly. |
@mtinberg, can you provide some more details about your repro? What's the architecture of the client machine? Is the issue present connecting to any ssh server? I've tested from an ssh client on an AMD64 Windows machine to both a Windows and Ubuntu ssh server, but cannot repro. I can also compile LibreSSL with -DOPENSSL_SMALL_FOOTPRINT and provide the binaries if you or someone else would be open to testing it out. |
The combination that doesn't work is:
Client is Win10 x86_64 OpenSSH_for_Windows_9.5p1, LibreSSL 3.8.2
Server is CentOS7 x86_64 OpenSSH_7.4p1, OpenSSL 1.0.2k-fips openssh-7.4p1-22.el7_9.x86_64
I have other EL7 servers running openssh-7.4p1-23.0.1.el7_9.x86_64 managed by a different group (the affected one is on an appliance-like system) that work fine but their sshd_config is different
sshd_config (not working) MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
sshd_config (working) MACs hmac-sha2-512,hmac-sha2-256,hmac-sha1
and I was able to make things work on both hosts by adding allowed MACs to the ssh_config on my Win10 host
Host *
MACs hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
I thought there was some default crypto policy that got included in the ssh config on redhat, but I can't seem to find this in the config at the moment.
So either the client or server config can constrain the MACs to a working set that gets negotiated, but the default config from OpenBSD/OpenSSH present on Windows SSH (not having ssh_config in system-wide appdata and relying on the compiled-in defaults) doesn't negotiate right with LibreSSL when connecting to EL7 with OpenSSL with the umac-128-etm@openssh.com MAC
|
When using the libressl-portable version with "OpenSSH for Windows", the MAC cipher
umac-128-etm@openssh.com
does not work correctly.Details can be found with issue #1359 in the Powershell/Wind32-Openssh project.
PowerShell/Win32-OpenSSH#1359
The text was updated successfully, but these errors were encountered: