Subject: OpenSSH-3.6.1 vs. Restricted authorized_keys File
To: None <current-users@netbsd.org>
From: Chris Jepeway <jepeway@blasted-heath.com>
List: current-users
Date: 05/23/2003 13:02:48

If I try to set up ~/.ssh/authorized_keys on NetBSD-1.6T so
that a login is restricted to running only a given command
using the 'command="/usr/bin/true"' syntax, I get a
"Corrupted MAC on input" error from sshd.

Does anybody else see this? I haven't found a PR about it.

Edited transcript appended...

Chris <jepeway@blasted-heath.com>.

% pwd # where am i?
/home/jepeway/.ssh
% cat authorized_keys # who can log in via public_key?
ssh-rsa <BIG LONG PUBLIC KEY> slappy@blasted-heath.com
% ssh -i ./slappy localhost date # show that public_key works
Enter passphrase for key './slappy':
Thu May 22 22:05:20 UTC 2003
% vi authorized_keys # change to restrict slappy to a command
% cat authorized_keys
command="/usr/bin/date" ssh-rsa <BIG LONG PUBLIC KEY> slappy@blasted-heath.com
% ssh -i slappy localhost # try this out
Enter passphrase for key 'slappy':
Received disconnect from ::1: 2: Corrupted MAC on input. # wtf?
% vi authorized_keys # change from command to no-pty
% cat authorized_keys
no-pty ssh-rsa <BIG LONG PUBLIC KEY> slappy@blasted-heath.com
% ssh -i ./slappy localhost date # try w/o pty
Enter passphrase for key './slappy':
Received disconnect from ::1: 2: Corrupted MAC on input. # wtf?
% vi authorized_keys # remove all restrictions
% cat authorized_keys
ssh-rsa <BIG LONG PUBLIC KEY> slappy@blasted-heath.com
% ssh -i ./slappy -T localhost date # try turning off pty on client side
Enter passphrase for key './slappy':
Thu May 22 22:07:32 UTC 2003 # mmm...works good
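
Added example, not part of the original post and not OpenSSH code: a small audit helper that parses the options field of authorized_keys entries like the ones in the transcript and reports, per key, the forced command and whether a pty is still allowed. It follows the options syntax documented in sshd(8) (comma-separated, spaces only inside double quotes, `\"` for a literal quote); the function names, the `AAAAPLACEHOLDER` key blob and the last sample line are assumptions made for illustration, and only `command=` and `no-pty` are interpreted.

```python
import re

KEY_TYPE = re.compile(r"^(ssh-(rsa|dss|ed25519)|ecdsa-sha2-\S+)$")  # no options field
SAMPLE = '''\
# constructed sample modelled on the post; AAAAPLACEHOLDER is not a real key
ssh-rsa AAAAPLACEHOLDER slappy@blasted-heath.com
command="/usr/bin/date" ssh-rsa AAAAPLACEHOLDER slappy@blasted-heath.com
no-pty ssh-rsa AAAAPLACEHOLDER slappy@blasted-heath.com
command="echo \\"a, b\\"",no-pty ssh-rsa AAAAPLACEHOLDER constructed@example.invalid
'''

def split_options(line):
    """Split one entry into ({option: value-or-True}, remainder of line)."""
    if KEY_TYPE.match(line.split(None, 1)[0]):
        return {}, line
    opts, name, buf, quoted, i = {}, None, "", False, 0
    while i <= len(line):
        c = line[i:i + 1]                      # "" once past the end
        if quoted and c == "\\" and line[i + 1:i + 2] == '"':
            buf, i = buf + '"', i + 1          # \" is a literal quote in a value
        elif c == '"':
            quoted = not quoted
        elif quoted and c:
            buf += c                           # commas and spaces are data here
        elif c == "=" and name is None:
            name, buf = buf, ""
        elif c in ("", ",", " ", "\t"):        # end of one option
            key, val = (buf, True) if name is None else (name, buf)
            if key:
                opts[key.lower()] = val
            name, buf = None, ""
            if c != ",":
                break                          # unquoted blank ends the field
        else:
            buf += c
        i += 1
    if quoted:
        raise ValueError("unterminated quote in options field")
    return opts, line[i:].strip()

def audit(text):
    """Return (comment, forced_command, pty_allowed) for each key entry."""
    rows = []
    for line in map(str.strip, text.splitlines()):
        if line and not line.startswith("#"):
            opts, rest = split_options(line)
            comment = (rest.split(None, 2) + ["", ""])[2]
            rows.append((comment, opts.get("command"), "no-pty" not in opts))
    return rows
```

A row with no forced command and a pty allowed is an unrestricted key, which is the state the first and last `cat authorized_keys` in the transcript show.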