NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: bin/43221: ssh(1) doesn't support MAC 'umac-64%openssh.com@localhost'



On Apr 29,  8:05am, tron%zhadum.org.uk@localhost (tron%zhadum.org.uk@localhost) 
wrote:
-- Subject: bin/43221: ssh(1) doesn't support MAC 
'umac-64%openssh.com@localhost'

| >Number:         43221
| >Category:       bin
| >Synopsis:       ssh(1) doesn't support MAC 'umac-64%openssh.com@localhost'
| >Confidential:   no
| >Severity:       non-critical
| >Priority:       low
| >Responsible:    bin-bug-people
| >State:          open
| >Class:          sw-bug
| >Submitter-Id:   net
| >Arrival-Date:   Thu Apr 29 08:05:00 +0000 2010
| >Originator:     tron%zhadum.org.uk@localhost
| >Release:        NetBSD 5.99.27
| >Organization:
| Matthias Scheler                                  http://zhadum.org.uk/
| >Environment:
| System: NetBSD lyssa.zhadum.org.uk 5.99.27 NetBSD 5.99.27 (LYSSA) #0: Fri Apr 
23 11:26:15 BST 2010 tron%lyssa.zhadum.org.uk@localhost:/src/sys/compile/LYSSA 
i386
| Architecture: i386
| Machine: i386
| >Description:
| The ssh_config(1) manual page claims that the default list of MAC algorithms
| supported by ssh(1) looks like this:
| 
|                    hmac-md5,hmac-sha1,umac-64%openssh.com@localhost,
|                    hmac-ripemd160,hmac-sha1-96,hmac-md5-96
| 
| But 'umac-64%openssh.com@localhost' doesn't actually work:
| 
| tron@lyssa:~>ssh -m umac-64%openssh.com@localhost colwyn
| Unknown mac type 'umac-64%openssh.com@localhost'
| 
| The other algorithms are really supported:
| 
| tron@lyssa:~>ssh -m hmac-ripemd160 colwyn     
| Last login: Thu Apr 29 08:53:37 2010 from excalibur.zhadum.org.uk
| NetBSD 5.0_STABLE (COLWYN.64) #0: Mon Jan 25 15:37:55 GMT 2010
| 
| Welcome to NetBSD!
| 
| tron@colwyn:~>
| 
| >How-To-Repeat:
| ssh -m umac-64%openssh.com@localhost <hostname>
| 
| >Fix:
| We should either change the manual page or enable support for the
| missing MAC algorithm.

Change the man page; the umac-64 code is poorly written and will not work
for architectures with alignment constraints.

christos



Home | Main Index | Thread Index | Old Index