latest openssh security update breaks chacha20-poly1305 #125
Comments
Can you post logs/evidence on the issue you're facing? Please also share the client details and OS! Thanks
Yes sure
When I roll back ssh to the previous version at the server, everything works fine.
P.S. with Ubuntu clients this issue is present by default (looks like it prefers chacha20-poly1305 by default)
openssh update performed on Feb 2 2024 breaks login with default ciphers. Corrupted MAC on input. Client: Centos9 Stream
Seeing the same issue from Ubuntu to OL8 systems. From a bug report at Ubuntu: I believe this issue is caused by a bad backport in Oracle's 8.0p1-19.el8_9.2 package. I think their fix for CVE-2023-48795 isn't properly adding kex-strict-s-v00@openssh.com to their KEX. Downgrading the Ubuntu package works around the problem as that prevents the client from offering kex-strict-c-v00@openssh.com.
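Added example, not part of the thread and not Oracle's or OpenSSH's code: a small Python diagnostic for the hypothesis quoted in the comment above. It parses the cleartext SSH_MSG_KEXINIT payloads of both sides (packet framing already stripped), then reports whether each strict-KEX marker is advertised and which client-to-server cipher gets selected; the function names and the sample payloads are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20
STRICT_C = "kex-strict-c-v00@openssh.com"   # marker a patched client adds
STRICT_S = "kex-strict-s-v00@openssh.com"   # marker a patched server adds
FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def parse_kexinit(payload):
    """Split an SSH_MSG_KEXINIT payload (RFC 4253, 7.1) into its ten name-lists."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off, lists = 17, {}                      # skip type byte + 16-byte cookie
    for field in FIELDS:
        if off + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, off)
        off += 4
        if off + n > len(payload):
            raise ValueError("truncated name-list body")
        raw = payload[off:off + n].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        off += n
    return lists

def diagnose(client_payload, server_payload):
    """Report strict-KEX markers and the client-to-server cipher that gets picked."""
    c, s = parse_kexinit(client_payload), parse_kexinit(server_payload)
    # RFC 4253: the chosen cipher is the first client entry the server also lists.
    cipher = next((a for a in c["enc_c2s"] if a in s["enc_c2s"]), None)
    return {"client_strict": STRICT_C in c["kex"],
            "server_strict": STRICT_S in s["kex"],
            "cipher_c2s": cipher}

def build_kexinit(kex, ciphers):
    """Constructed sample payload (not a capture): zero cookie, minimal lists."""
    lists = [kex, ["ssh-ed25519"], ciphers, ciphers, ["hmac-sha2-256"],
             ["hmac-sha2-256"], ["none"], ["none"], [], []]
    body = b"".join(struct.pack(">I", len(x)) + x
                    for x in (",".join(l).encode("ascii") for l in lists))
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + body + b"\x00" + bytes(4)

if __name__ == "__main__":
    ciphers = ["chacha20-poly1305@openssh.com", "aes256-ctr"]
    client = build_kexinit(["curve25519-sha256", STRICT_C], ciphers)
    server = build_kexinit(["curve25519-sha256"], ciphers)  # constructed: marker absent
    print(diagnose(client, server))
```

KEXINIT is exchanged before encryption starts, so both payloads can be taken from a packet capture of a failing login.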
Just to add
It would help my situation if there is a new release that machines with the faulty package will update to.
We experience the same behaviour: Server
Client
Error
Workaround
Same problem with 8.0p1-19.el8_9.2.x86_64 on a few machines here
Affects connections from PuTTY 0.80 (latest stable release) too.
arch/manjaro SSH client has the same problem: Any ETA please?
Thank you very much for the report and the detailed reproduction instructions. A fix for this was released, and announced here: https://linux.oracle.com/errata/ELSA-2024-12164.html
Hi team!
Oracle Linux 8.9
5.4.17-2136.326.6.el8uek.x86_64
OpenSSH_8.0p1, OpenSSL 1.1.1k
After upgrading to
Name : openssh
Version : 8.0p1
Release : 19.el8_9.2
cannot ssh anymore using chacha20-poly1305 cipher getting Bad packet length and Connection corrupted errors. Everything works using, for example, AES256.
Openssh rollback to the previous version fixes the issue.
Could it be a bug? Thanks