Bad packet length 2424479189 Connection corrupted
This bug report will be marked for expiration in 11 days if no further activity occurs.
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
openssh (Ubuntu) | Incomplete | Undecided | Unassigned |
Bug Description
ssh-client:
```
uname -a: 5.15.0-48-generic #54-Ubuntu
Ubuntu 22.04.3 LTS
OpenSSH_8.9p1 Ubuntu-3ubuntu0.6, OpenSSL 3.0.2 15 Mar 2022
```
ssh-server:
```
OracleLinux 8.9
OpenSSH_8.0p1, OpenSSL 1.1.1k FIPS 25 Mar 2021
```
```
userxxx@
OpenSSH_8.9p1 Ubuntu-3ubuntu0.6, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_
debug3: expanded UserKnownHostsFile '~/.ssh/
debug3: expanded UserKnownHostsFile '~/.ssh/
debug3: ssh_connect_direct: entering
debug1: Connecting to 192.168.xxx.xxx [192.168.xxx.xxx] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x10
debug1: Connection established.
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: identity file /home/userxxx/
debug1: Local version string SSH-2.0-
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.0
debug1: compat_banner: match: OpenSSH_8.0 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.xxx.xxx:22 as 'userxxx'
debug3: record_hostkey: found key type ED25519 in file /home/userxxx/
debug3: load_hostkeys_file: loaded 1 keys from 192.168.xxx.xxx
debug1: load_hostkeys: fopen /home/userxxx/
debug1: load_hostkeys: fopen /etc/ssh/
debug1: load_hostkeys: fopen /etc/ssh/
debug3: order_hostkeyalgs: have matching best-preference key type <email address hidden>, using HostkeyAlgorithms verbatim
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-
debug2: host key algorithms: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: ciphers ctos: <email address hidden>
debug2: ciphers stoc: <email address hidden>
debug2: MACs ctos: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: MACs stoc: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: compression ctos: none,<email address hidden>,zlib
debug2: compression stoc: none,<email address hidden>,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-
debug2: host key algorithms: rsa-sha2-
debug2: ciphers ctos: <email address hidden>,<email address hidden>
debug2: ciphers stoc: <email address hidden>,<email address hidden>
debug2: MACs ctos: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: MACs stoc: <email address hidden>,<email address hidden>,<email address hidden>,<email address hidden>
debug2: compression ctos: none,<email address hidden>
debug2: compression stoc: none,<email address hidden>
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: <email address hidden> MAC: <implicit> compression: none
debug1: kex: client->server cipher: <email address hidden> MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_
debug3: receive packet: type 31
debug1: SSH2_MSG_
debug1: Server host key: ssh-ed25519 SHA256:
debug3: record_hostkey: found key type ED25519 in file /home/userxxx/
debug3: load_hostkeys_file: loaded 1 keys from 192.168.xxx.xxx
debug1: load_hostkeys: fopen /home/userxxx/
debug1: load_hostkeys: fopen /etc/ssh/
debug1: load_hostkeys: fopen /etc/ssh/
debug1: Host '192.168.xxx.xxx' is known and matches the ED25519 host key.
debug1: Found key in /home/userxxx/
debug3: send packet: type 21
debug2: ssh_set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: ssh_set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: get_agent_
debug1: get_agent_
debug1: Will attempt key: /home/userxxx/
debug1: Will attempt key: /home/userxxx/
debug1: Will attempt key: /home/userxxx/
debug1: Will attempt key: /home/userxxx/
debug1: Will attempt key: /home/userxxx/
debug1: Will attempt key: /home/userxxx/
debug1: Will attempt key: /home/userxxx/
debug2: pubkey_prepare: done
debug3: send packet: type 5
Bad packet length 2424479189.
debug2: sshpkt_disconnect: sending SSH2_MSG_
debug3: send packet: type 1
ssh_dispatch_
```
Thank you for taking the time to report a bug and make Ubuntu better.
I tried reproducing the bug locally using an Oracle 8 container and an Ubuntu container. Here are the versions of the packages:
Oracle:
```
# rpm -qa | grep ssh
openssh-server-8.0p1-19.el8_8.x86_64
openssh-8.0p1-19.el8_8.x86_64
openssh-clients-8.0p1-19.el8_8.x86_64
libssh-config-0.9.6-13.el8_9.noarch
libssh-0.9.6-13.el8_9.x86_64
```
Ubuntu:
```
# dpkg -l | grep ssh
ii openssh-client 1:8.9p1-3ubuntu0.6 amd64 secure shell (SSH) client, for secure access to remote machines
```
Everything worked as expected and I was able to ssh into the Oracle container.
After some research, I found that this specific error you're getting might be related to CVE-2023-48795 (Terrapin attack). More specifically, it has to do with the cipher suites being chosen by the client/server at the time of the login:
https://superuser.com/questions/1828501/how-to-solve-ssh-connection-corrupted-error
https://unix.stackexchange.com/questions/765347/how-do-you-mitigate-the-terrapin-ssh-attack
Even when I explicitly disable the use of CHACHA20 on the server, I can still log in successfully and I see that another cipher has been chosen during the key exchange:
```
...
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: aes128-ctr MAC: <email address hidden> compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: <email address hidden> compression: none
...
```
This leads me to believe that there might be some local configuration on your system that's affecting the choice of a suitable cipher. Another option would be some bogus configuration on the server side, I think.
Could you please tell us more details about your environment? Did you explicitly configure your ssh client to require CHACHA20 when connecting to this specific server?
I'm going to mark this bug as Incomplete to reflect the fact that we're waiting on more details from you. Please set it back to New when you provide the requested information. Thanks.
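
As an added example (not part of the bug report or its replies, and not OpenSSH code): a Python parser for `ssh -vv` output like the logs above. It reports the negotiated cipher and MAC per direction, whether that pair is one of the modes CVE-2023-48795 applies to (ChaCha20-Poly1305, or a CBC cipher with an Encrypt-then-MAC MAC), and whether both KEXINIT proposals advertise the strict key exchange extension. The sample logs are constructed, and the cipher name in the first one is an assumption because the report's log shows it redacted.

```python
import re

# Line formats follow the `ssh -vv` debug output shown in the report above.
KEX_LINE = re.compile(
    r"debug1: kex: (server->client|client->server) cipher: (\S+) MAC: (\S+) compression: \S+")
PROPOSAL = re.compile(r"debug2: (local client|peer server) KEXINIT proposal")
KEX_ALGS = re.compile(r"debug2: KEX algorithms: (\S+)")
# Strict key exchange markers each side adds to its KEX algorithm list.
STRICT = {"local client": "kex-strict-c-v00@openssh.com",
          "peer server": "kex-strict-s-v00@openssh.com"}

def terrapin_relevant(cipher, mac):
    """True for the modes CVE-2023-48795 applies to."""
    if cipher == "chacha20-poly1305@openssh.com":
        return True
    return cipher.endswith("-cbc") and mac.endswith("-etm@openssh.com")

def analyze(log_text):
    """Return negotiated cipher/MAC per direction and strict-KEX support per side."""
    result = {"directions": {}, "strict_kex": {side: False for side in STRICT}}
    side = None
    for line in log_text.splitlines():
        if m := PROPOSAL.search(line):
            side = m.group(1)          # the following proposal lines belong to this side
        elif (m := KEX_ALGS.search(line)) and side:
            result["strict_kex"][side] = STRICT[side] in m.group(1).split(",")
        elif m := KEX_LINE.search(line):
            direction, cipher, mac = m.groups()
            result["directions"][direction] = {
                "cipher": cipher, "mac": mac,
                "terrapin_relevant": terrapin_relevant(cipher, mac)}
    # Strict KEX only takes effect when both peers advertise it.
    result["strict_kex_active"] = all(result["strict_kex"].values())
    return result

# Constructed samples; the ChaCha20 cipher name is assumed (redacted in the report).
SAMPLE_CHACHA = """\
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
"""
SAMPLE_CTR = """\
debug1: kex: server->client cipher: aes128-ctr MAC: umac-64-etm@openssh.com compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: umac-64-etm@openssh.com compression: none
"""
```

Run `analyze()` on the full `ssh -vv` output from both the failing client and a working one to compare which cipher each negotiated and whether strict key exchange was offered by both ends.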