S: etiology of "Corrupted MAC on input"

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Is there some description of the OpenSSH's "Corrupted MAC on input" error,
its sense and causes, including software and hardware imcompatibility?

After the server's hardware upgrade users have such error sporadically,
but I'm not willing to examine sshd under a debugger
without a good knowledge of this aspect of the protocol.

qq~~~~\ [ IP ]
/ /\   \        [ FAQ you ]
\  /_/ /

Re: S: etiology of "Corrupted MAC on input"

Quoted text here. Click to load it

Basically, anything that can change the data in transit.

In the past it has been tracked to faulty hardware (bad RAM, overheating
CPUs, flaky network cards, buggy routers[1]).  It could  be caused by
compilation problems (esp. OpenSSL).  It's also possible that it might
be caused by a bug in OpenSSH, but AFAIK none have been traced to this.

The folks doing the high-performance patches also report problems with
Linux 2.4 kernels and jumbo packets[2].

Quoted text here. Click to load it

Unfortunately, it's probably too late at that point.  Provided it's not
a bug in OpenSSH then the corruption has already occurred.

[1] http://bugzilla.mindrot.org/show_bug.cgi?id=510
(there's a couple of other bug reports that might be worth combing for

[2] http://www.psc.edu/networking/projects/hpn-ssh /

Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline