Bug 199352 - security/openssh-portable: After Current revision, unable to connect via SSH
Summary: security/openssh-portable: After Current revision, unable to connect via SSH
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Bryan Drewery
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-04-10 15:34 UTC by rsimmons0
Modified: 2015-05-11 23:15 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (bdrewery)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description rsimmons0 2015-04-10 15:34:06 UTC
One of the following recent revisions has caused a regression: 383675, 383618, or 383616. I am no longer able to connect to a server running the current version of the port. I get the following error on the client end:

Bad packet length 678327660.
Disconnecting: Packet corrupt

Here is the log entry on the server end:
sshd: error: Received disconnect from 192.168.x.x: 2: Packet corrupt [preauth]
Comment 1 Bryan Drewery freebsd_committer 2015-04-10 16:08:16 UTC
What client are you using?

Can you please run your sshd with -Ddddd and show me the debugging output from the server?

If possible also run the client with -vvv and show the results.
Comment 2 rsimmons0 2015-04-10 22:01:46 UTC
debug2: load_server_config: filename /usr/local/etc/ssh/sshd_config
debug2: load_server_config: done config len = 242
debug2: parse_server_config: config /usr/local/etc/ssh/sshd_config len 242
debug3: /usr/local/etc/ssh/sshd_config:30 setting HostKey /usr/local/etc/ssh/ssh_host_ed25519_key
debug3: /usr/local/etc/ssh/sshd_config:128 setting Subsystem sftp       /usr/local/libexec/sftp-server
debug1: sshd version OpenSSH_6.8, OpenSSL 1.0.2a 19 Mar 2015
debug1: private host key #0: ssh-ed25519 SHA256:<redacted>
debug1: rexec_argv[0]='/usr/local/sbin/sshd'
debug1: rexec_argv[1]='-Ddddd'
debug2: fd 3 setting O_NONBLOCK
debug3: sock_set_v6only: set socket 3 IPV6_V6ONLY
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 242
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
debug1: res_init()
Connection from 192.168.56.1 port 53173 on 192.168.56.51 port 22
debug1: Client protocol version 2.0; client software version OpenSSH_6.7
debug1: match: OpenSSH_6.7 pat OpenSSH* compat 0x04000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8 FreeBSD-openssh-portable-6.8.p1_4,1
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing capsicum sandbox
debug2: Network child is on pid 772
debug3: preauth child monitor started
debug3: privsep user:group 22:22 [preauth]
debug1: permanently_set_uid: 22/22 [preauth]
debug1: list_hostkey_types: ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 [preauth]
debug2: kex_parse_kexinit: ssh-ed25519 [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
debug2: kex_parse_kexinit: reserved 0  [preauth]
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
debug2: kex_parse_kexinit: ssh-ed25519-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
debug2: kex_parse_kexinit: reserved 0  [preauth]
debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none [preauth]
debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Received disconnect from 192.168.56.1: 2: Packet corrupt [preauth]
Disconnected from 192.168.56.1 [preauth]
debug1: do_cleanup [preauth]
debug3: PAM: sshpam_thread_cleanup entering [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive entering
debug1: do_cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: Killing privsep child 772
Comment 3 rsimmons0 2015-04-10 22:07:37 UTC
This is the client output. I'm using the vanilla client from MacOS X Homebrew.

$ ssh -vvv redacted
OpenSSH_6.7p1, OpenSSL 1.0.2a 19 Mar 2015
debug1: Reading configuration data /Users/username/.ssh/config
debug1: /Users/username/.ssh/config line 3: Applying options for redacted
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to redacted [192.168.x.x] port 22.
debug1: Connection established.
debug1: identity file /Users/username/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/username/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/username/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/username/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/username/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/username/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/username/.ssh/id_ed25519 type 4
debug1: key_load_public: No such file or directory
debug1: identity file /Users/username/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8 FreeBSD-openssh-portable-6.8.p1_4,1
debug1: match: OpenSSH_6.8 FreeBSD-openssh-portable-6.8.p1_4,1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "redacted" from file "/Users/username/.ssh/known_hosts"
debug3: load_hostkeys: found key type ED25519 in file /Users/username/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-ed25519-cert-v01@openssh.com,ssh-ed25519
debug1: SSH2_MSG_KEXINIT sent
Bad packet length 678327660.
Comment 4 Bryan Drewery freebsd_committer 2015-04-10 22:22:33 UTC
Can you show me your 'make pretty-print-config' output too please?
Comment 5 rsimmons0 2015-04-10 22:29:55 UTC
-BSM +HPN -KERB_GSSAPI +LDNS +LIBEDIT -NONECIPHER -OVERWRITE_BASE +PAM -SCTP +TCP_WRAPPERS -X509 KERBEROS( -MIT -HEIMDAL -HEIMDAL_BASE )
Comment 6 Bryan Drewery freebsd_committer 2015-04-10 22:52:46 UTC
I don't see how those patches would cause this.

I just tried from Yosemite and was able to connect fine using /usr/bin/ssh (which is OpenSSH 6.2).

Can you try using /usr/bin/ssh instead of the homebrew one? It would at least tell us if there is something odd with your homebrew one or possibly the server/network.
Comment 7 rsimmons0 2015-04-18 01:25:43 UTC
I connected using the OSX client and the same problem. I am going to try removing the package and rebuilding it and also try it on a fresh install to see if something is different there.
Comment 8 mdhughes_us 2015-04-27 22:33:39 UTC
I am having the same problem after doing a portupgrade on 8.4-RELEASE-p18 amd64 system.
Comment 9 Bryan Drewery freebsd_committer 2015-04-28 00:46:14 UTC
(In reply to mdhughes_us from comment #8)
> I am having the same problem after doing a portupgrade on 8.4-RELEASE-p18
> amd64 system.

Can you be more descriptive please? I am unable to reproduce any problems.

Please be sure you run 'make clean' in the directory before building. Then build and install it again.

It would be very helpful to know which options you are using from 'make pretty-print-config' and to have some debug output from ssh and sshd.
Comment 10 mdhughes_us 2015-04-28 01:33:49 UTC
(In reply to Bryan Drewery from comment #9)
After updating to the latest openssh-portable I'm not able to ssh to the system.

I have rebuild the port twice now with no change.

The output from the make pretty-print-config
-BSM -HPN -KERB_GSSAPI +LDNS +LIBEDIT +NONECIPHER -OVERWRITE_BASE -PAM -SCTP -TCP_WRAPPERS -X509 KERBEROS( -MIT -HEIMDAL -HEIMDAL_BASE ) 

If I do a ssh localhost I get the following error:
Bad packet length 16777219.
ssh_dispatch_run_fatal: message authentication code incorrect

Here is output with -vvv:
OpenSSH_6.8p1, OpenSSL 1.0.2a 19 Mar 2015
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug1: /usr/local/etc/ssh/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8 FreeBSD-openssh-portable-6.8.p1_5,1
debug1: match: OpenSSH_6.8 FreeBSD-openssh-portable-6.8.p1_5,1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:10
debug3: load_hostkeys: loaded 1 keys from localhost
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
Bad packet length 16777219.
ssh_dispatch_run_fatal: message authentication code incorrect


If I tire it from another system running 8.3-RELESE-p4 I get the following:
ssh newlogcabin
Bad packet length 16777219.
Disconnecting: Packet corrupt

I also have tried ssh'ing from my wife's Windows 7 box using putty and it give a packet corrupt error also.

Debug output from /usr/local/sbin/sshd -Ddddd:
debug2: load_server_config: filename /usr/local/etc/ssh/sshd_config
debug2: load_server_config: done config len = 225
debug2: parse_server_config: config /usr/local/etc/ssh/sshd_config len 225
debug3: /usr/local/etc/ssh/sshd_config:19 setting Protocol 2
debug3: /usr/local/etc/ssh/sshd_config:65 setting ChallengeResponseAuthentication no
debug3: /usr/local/etc/ssh/sshd_config:110 setting Banner /etc/motd
debug3: /usr/local/etc/ssh/sshd_config:113 setting Subsystem sftp       /usr/local/libexec/sftp-server
debug1: sshd version OpenSSH_6.8, OpenSSL 1.0.2a 19 Mar 2015
debug1: private host key #0: ssh-rsa SHA256:r+nxO3l07AuEaVPixPuScRchNxp7ckVZ1dEcxOradwY
debug1: private host key #1: ssh-dss SHA256:/UjNdqPf5kC9lomfQbpYXo+ltlV+RbRxGmG3H2QN31g
debug1: private host key #2: ecdsa-sha2-nistp256 SHA256:heOMFzyZZ1oYOaF4p/zPVt7Mf2n+Frw23Zito+idZNQ
debug1: private host key #3: ssh-ed25519 SHA256:HRQZfA6TQRTh9ivzykkGr8svh/RFdh4uj+Da4sl+axE
debug1: rexec_argv[0]='/usr/local/sbin/sshd'
debug1: rexec_argv[1]='-Ddddd'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: fd 4 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 7 config len 225
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
debug1: res_init()
Connection from 127.0.0.1 port 38472 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version OpenSSH_6.8
debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8 FreeBSD-openssh-portable-6.8.p1_5,1
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing rlimit sandbox
debug2: Network child is on pid 59224
debug3: preauth child monitor started
debug3: privsep user:group 22:22 [preauth]
debug1: permanently_set_uid: 22/22 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: AUTH STATE IS 0 [preauth]
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 [preauth]
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
debug2: kex_parse_kexinit: reserved 0  [preauth]
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]
debug2: kex_parse_kexinit: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit: first_kex_follows 0  [preauth]
debug2: kex_parse_kexinit: reserved 0  [preauth]
debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none [preauth]
debug1: REQUESTED ENC.NAME is 'aes128-ctr' [preauth]
debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Connection closed by 127.0.0.1 [preauth]
debug1: do_cleanup [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive entering
debug1: do_cleanup
debug1: Killing privsep child 59224

Let me know if you need anything else from me.
Comment 11 Bryan Drewery freebsd_committer 2015-04-28 15:18:35 UTC
(In reply to mdhughes_us from comment #10)
> (In reply to Bryan Drewery from comment #9)
> Let me know if you need anything else from me.

Can you show me: grep Privi /usr/local/etc/ssh/sshd_config
Comment 12 Bryan Drewery freebsd_committer 2015-04-28 15:21:44 UTC
(In reply to Bryan Drewery from comment #11)
> (In reply to mdhughes_us from comment #10)
> > (In reply to Bryan Drewery from comment #9)
> > Let me know if you need anything else from me.
> 
> Can you show me: grep Privi /usr/local/etc/ssh/sshd_config

Can you also try building without NONECIPHER?
Comment 13 mdhughes_us 2015-04-28 22:41:25 UTC
(In reply to Bryan Drewery from comment #11)
grep Privi /usr/local/etc/ssh/sshd_config

#UsePrivilegeSeparation yes

I did a make config and unmarked NONECIPHER.  Did a make clean.  Then a make;make deinstall;make reinstall.  Did a /usr/local/etc/rc.d/openssh restart and I was able to ssh to localhost.  I was also able to ssh from my 8.3-RELEASE-p4 system.

Hope this helps figure this out.  Thanks for working on this so quickly!
Comment 14 Bryan Drewery freebsd_committer 2015-05-04 16:36:45 UTC
Both of your debug output shows "OpenSSL 1.0.2a" which means you're using the port OpenSSL. Please show me the output of 'ldd /usr/local/lib/libldns.so'. If it is linked against the base then it may be causing a conflict.

You may also be having problems due to compiling security/openssl with ASM. I suggest disabling that option. See also Bug #198788
Comment 15 mdhughes_us 2015-05-04 20:53:51 UTC
ldd /usr/local/lib/libldns.so

/usr/local/lib/libldns.so:
        libcrypto.so.8 => /usr/local/lib/libcrypto.so.8 (0x800c00000)
        libc.so.7 => /lib/libc.so.7 (0x800648000)
        libthr.so.3 => /lib/libthr.so.3 (0x800ed8000)
Comment 16 mdhughes_us 2015-05-04 21:00:12 UTC
I just checked and I don't have ASM X'ed in the config of openssl.
Comment 17 Bryan Drewery freebsd_committer 2015-05-06 17:14:57 UTC
Are these servers behind NAT or other firewalls or proxies?
Comment 18 Bryan Drewery freebsd_committer 2015-05-06 18:24:48 UTC
I figured out the issue. With the NONECIPHER option selected, but not HPN, the patch improperly places a NULL byte "(null)" in the server banner. You can see this with 'telnet host 22' and there will be a (null) on the 2nd line.

A fix will be committed shortly.
Comment 19 commit-hook freebsd_committer 2015-05-06 18:40:33 UTC
A commit references this bug:

Author: bdrewery
Date: Wed May  6 18:39:42 UTC 2015
New revision: 385541
URL: https://svnweb.freebsd.org/changeset/ports/385541

Log:
  Fix clients getting 'Bad packet length' and 'Disconnecting: Packet corrupt'
  when the NONECIPHER option is selected but not the HPN option.  The server
  banner was improperly sending a NULL byte after the newline causing confusion
  on the client.  This was an error in my own modifications to the HPN patch
  in r383231.

  This may have occurred with stale builds as well, such as running
  'make configure' then 'portsnap update' and then 'make build'.

  Pointyhat to:	bdrewery
  Reported by:	many
  PR:		199352

Changes:
  head/security/openssh-portable/Makefile
  head/security/openssh-portable/files/extra-patch-hpn
Comment 20 Bryan Drewery freebsd_committer 2015-05-06 18:40:56 UTC
Please test 6.8.p1_6,1 and let me know if this resolves the issues.
Comment 21 mdhughes_us 2015-05-06 22:59:42 UTC
I updated the port and did a make config to add NONECIPHER.  Did a make install, /usr/local/etc/rc.d/openssh restart.  Went to my 8.3-RELEASE-p4 and was able to ssh to my main system.  Thanks for finding this so quickly!
Comment 22 Bryan Drewery freebsd_committer 2015-05-06 23:01:30 UTC
Received 2 success reports so far. Closing.