Mailing List Archive: [Bug 845] Received disconnect from ???: 2: Corrupted MAC on input.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input.

bugzilla-daemon at mindrot

Apr 20, 2004, 7:55 AM

Post #1 of 8 (444 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

Summary: Received disconnect from ???: 2: Corrupted MAC on input.
Product: Portable OpenSSH
Version: 3.8p1
Platform: UltraSparc
OS/Version: Solaris
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: annisd@schneider.com

When copying small files (html pages) to web servers, we occasionally get a
failure message:

Received disconnect from xx.xx.xx.xx: 2: Corrupted MAC on input.
(xx.xx.xx.xx is the IP address of one of the web servers)

We copy 6 files to 2 machines every hour. The failure happens 2 or 3 times a
day. It's a different file each time, and occurs on either target machine. We
have this failure using scp, sftp, and streaming tar file through stdin to ssh.

The source machine is AIX 5.1 ML05 using openssh 3.8p1, corporate internal DNS.

The target machines are SunOS 5.8, kernel 108528-18, They are outside our
firewall, using our ISP's DNS. The source machine is not in the ISP's DNS. It
is in the /etc/hosts file. X11Forwarding is turned off in sshd_config on the
target machines.

The firewall's NICs are Sun qfe cards. The network switches are Cisco 6500

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input. [ In reply to ]

bugzilla-daemon at mindrot

Apr 20, 2004, 7:58 AM

Post #2 of 8 (443 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

------- Additional Comments From annisd@schneider.com 2004-04-21 01:58 -------
Created an attachment (id=605)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=605&action=view)
Webserver (target) sshd_config

sshd_config from target machine (where corrupt MAC error occurs)

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input. [ In reply to ]

bugzilla-daemon at mindrot

Apr 20, 2004, 8:00 AM

Post #3 of 8 (443 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

------- Additional Comments From annisd@schneider.com 2004-04-21 02:00 -------
Created an attachment (id=606)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=606&action=view)
Source machine ssh_config

ssh_config from source machine (receives disconnect message from target
webserver).

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input. [ In reply to ]

bugzilla-daemon at mindrot

Apr 29, 2004, 6:16 AM

Post #4 of 8 (444 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

------- Additional Comments From dtucker@zip.com.au 2004-04-30 00:16 -------
This is usually a problem on the network between client and server, but has also
been reported to be caused by bad RAM in either client or server. The fact that
it's not consistent makes it unlikely to be a software problem. How big are the
files, and what kind of network gear do you have between client and server?

Also see bug #510.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input. [ In reply to ]

bugzilla-daemon at mindrot

Apr 29, 2004, 7:50 AM

Post #5 of 8 (444 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

------- Additional Comments From annisd@schneider.com 2004-04-30 01:50 -------
The source machine is an IBM P650 with standard IBM ethernet controller.
The firewall and web servers are Sun with Sun qfe cards.
The switches are all Cisco 6500

I NEVER get this error going through the same infrastructure to machines in the
DMZ's. It ONLY happens going to the external web servers.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input. [ In reply to ]

bugzilla-daemon at mindrot

Apr 29, 2004, 7:51 AM

Post #6 of 8 (443 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

------- Additional Comments From annisd@schneider.com 2004-04-30 01:51 -------
The 6 files in question range from 70 KB to 170 KB. I've also tested this as
one file of about 500 KB.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input. [ In reply to ]

bugzilla-daemon at mindrot

Apr 29, 2004, 10:20 PM

Post #7 of 8 (444 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

------- Additional Comments From dtucker@zip.com.au 2004-04-30 16:20 -------
Which cipher are you using? Does selecting a different cipher make any difference?

Please attach (ie use "create a new attachment") a complete debug trace ("scp
-vvv [options]") of a failed session.

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

[Bug 845] Received disconnect from ???: 2: Corrupted MAC on input. [ In reply to ]

bugzilla-daemon at mindrot

May 6, 2004, 4:52 PM

Post #8 of 8 (443 views)

http://bugzilla.mindrot.org/show_bug.cgi?id=845

dtucker@zip.com.au changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker@zip.com.au

------- Additional Comments From dtucker@zip.com.au 2004-05-07 10:52 -------
*** Bug 860 has been marked as a duplicate of this bug. ***

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.