https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285340
Bug ID: 285340
Summary: scp traffic over OpenVPN 2.6.13 with fails with
message authentication code incorrect
Product: Base System
Version: 14.1-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
With a OpenVPN 2.6.13 running on the FreeBSD 14.2 gateway and a FreeBSD 14.1
client, scp traffic fails.
Of note: the gateway mentioned above replaced a unit running FreeBSD
14.0-CURRENT amd64 1400094 and OpenVPN 2.6.8_1 - this configuration worked fine
with all OpenVPN clients.
The scp failure occurs like this:
% scp [email protected]:FreeBSD-14.2-RELEASE-amd64-memstick.img .
FreeBSD-14.2-RELEASE-amd64-memstick.img 0% 0 0.0KB/s --:-
ETAF
ssh_ssh_dispatch_run_fatal: Connection to 10.0.0.10 port 22: message
authentication code incorrect
scp: Connection closed
Interactive ssh sessions work fine.
This is repeatable. Over traffic over the web has similar issues. e.g. Bacula
backups fail with:
SD says - Error: openssl.c:108 TLS read/write failure.: ERR=error:0A000119:SSL
\
routines::decryption failed or bad record mac FD says - Error: bsock.c:397
Upgrading the hosts to FreeBSD 14.2 solves the problem. I know the fix for me:
I'm going to upgrade to 14.2 anyway. However, knowing the cause of the problem
might be important.
I've tried various MTU, talked to OpenVPN folks, discussed it on the Bacula
channel.
--
You are receiving this mail because:
You are the assignee for the bug.
