Re: OpenBSD 4.2 / Soekris net4801 / vpn1411 - No More 'Corrupted MAC on input' Using OpenSSH
Hi, Breen Ouellette schrieb: With the release of 4.2 I thought I would check again to see if the vpn1411 still fails with 'Corrupted MAC on input' on a Soekris net4801. I am happy to say that I can no longer reproduce the error using the GENERIC kernel. Noticed that too, maybe it's this change: * New MAC algorithm available for data integrity in ssh(1), UMAC-64. About 20% faster than HMAC-MD5. See: http://openbsd.org/plus42.html Michael
Re: OpenBSD 4.2 / Soekris net4801 / vpn1411 - No More 'Corrupted MAC on input' Using OpenSSH
Breen Ouellette [EMAIL PROTECTED] wrote: With the release of 4.2 I thought I would check again to see if the vpn1411 still fails with 'Corrupted MAC on input' on a Soekris net4801. I am happy to say that I can no longer reproduce the error using the GENERIC kernel. Does anyone know if this was intentionally fixed, or is this an unintentional byproduct of code being cleaned up somewhere else? There has been no fix for this, on account of nobody having diagnosed the problem in the first place. -- Christian naddy Weisgerber [EMAIL PROTECTED]
Re: OpenBSD 4.2 / Soekris net4801 / vpn1411 - No More 'Corrupted MAC on input' Using OpenSSH
Michael [EMAIL PROTECTED] wrote: Noticed that too, maybe it's this change: * New MAC algorithm available for data integrity in ssh(1), UMAC-64. About 20% faster than HMAC-MD5. ssh still defaults to hmac-md5. umac-64 isn't used unless you explicitly configure it. -- Christian naddy Weisgerber [EMAIL PROTECTED]