Hi Peter,
I'm happy to help but my responses may be delayed as I'm getting ready to head out for a few days of vacation (leaving in 12 hours)
-------- original message --------
> Subject: Re: error: Corrupted MAC on input. [preauth]
> Date: Wed, May 19, 2021 1:23 pm
>
> Hi Eric,
>
> > I have an embedded linux project using buildroot which I've included
> > libssh2 in. The current configuration also is using dropbear.
> > I am attempting to use curl with scp to retrieve a file stream but am
> > getting an error.
>
> Thank you for reporting! If master still has this issue we need to fix it
> before release, which should be quite soon.
>
>
> > curl: (2) Failure establishing ssh session: -43,
> > I turned sshd debug up to level 3 and see: the error
> > Corrupted MAC on input. [preauth] (full error log at end of this post)
> ..
> > sshd[361421]: debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none [preauth]
> ..
> > sshd[361421]: debug1: SSH2_MSG_NEWKEYS received [preauth]
> > sshd[361421]: debug2: set_newkeys: mode 0 [preauth]
> > sshd[361421]: debug1: rekey in after 4294967296 blocks [preauth]
> > sshd[361421]: debug1: KEX done [preauth]
> > sshd[361421]: Corrupted MAC on input. [preauth]
>
> Please provide us with more information:
>
> What processor does your embedded system have? In particular endianess
> and native bit size (32/64?)
>
# cat /proc/cpuinfo
processor : 0
model name : ARMv7 Processor rev 1 (v7l)
BogoMIPS : 33.00
Features : half thumb fastmult vfp edsp vfpv3 vfpv3d16 tls vfpv4
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x0
CPU part : 0xc05
CPU revision : 1
Hardware : Atmel SAMA5
Revision : 0000
Serial : 0000000000000000
# file /bin/busybox
/bin/busybox: ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, BuildID[sha1]=51f5566abbeca4cee5e53734090d7d37b33deedb, for GNU/Linux 3.2.0, stripped
>
> What MAC is negotiated by the dropbear and OpenSSH clients you tested?
>
Dropbear:
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: Remote protocol version 2.0, remote software version dropbear_2018.76
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: no match: dropbear_2018.76
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: fd 4 setting O_NONBLOCK
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: ssh_sandbox_init: preparing seccomp filter sandbox
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: Network child is on pid 444609
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: preauth child monitor started
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: privsep user:group 126:65534 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: permanently_set_uid: 126/65534 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: send packet: type 20 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: SSH2_MSG_KEXINIT sent [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: receive packet: type 20 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: SSH2_MSG_KEXINIT received [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: local server KEXINIT proposal [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: KEX algorithms: curve25519-sha256,
curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: compression ctos: none,
zlib@openssh.com [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: compression stoc: none,
zlib@openssh.com [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: languages ctos: [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: languages stoc: [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: first_kex_follows 0 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: reserved 0 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: peer client KEXINIT proposal [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: KEX algorithms: curve25519-sha256,
curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,
kexguess2@matt.ucc.asn.au [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: host key algorithms: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: ciphers ctos: aes128-ctr,aes256-ctr [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: ciphers stoc: aes128-ctr,aes256-ctr [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: MACs ctos: hmac-sha1,hmac-sha2-256 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: MACs stoc: hmac-sha1,hmac-sha2-256 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: compression ctos: none [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: compression stoc: none [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: languages ctos: [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: languages stoc: [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: first_kex_follows 1 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: reserved 0 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: kex: algorithm: curve25519-sha256 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: proposal mismatch: my rsa-sha2-512 peer ecdsa-sha2-nistp256 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: receive packet: type 30 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: skipped packet (type 30) [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: receive packet: type 30 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_sshkey_sign entering [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_request_send entering: type 6 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_request_receive_expect entering: type 7 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_request_receive entering [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_request_receive entering
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: monitor_read: checking request 6
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_answer_sign
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_answer_sign: KEX signature 0x558f6f6bf4e0(99)
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: mm_request_send entering: type 7
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: monitor_read: 6 used once, disabling now
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: send packet: type 31 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: send packet: type 21 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: set_newkeys: mode 1 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: rekey out after 4294967296 blocks [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug3: receive packet: type 21 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: SSH2_MSG_NEWKEYS received [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug2: set_newkeys: mode 0 [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: rekey in after 4294967296 blocks [preauth]
May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: KEX done [preauth]
OpenSSH:
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: Remote protocol version 2.0, remote software version OpenSSH_8.5
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: match: OpenSSH_8.5 pat OpenSSH* compat 0x04000000
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: fd 4 setting O_NONBLOCK
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: ssh_sandbox_init: preparing seccomp filter sandbox
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: Network child is on pid 3355910
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: preauth child monitor started
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: privsep user:group 126:65534 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: permanently_set_uid: 126/65534 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: send packet: type 20 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: SSH2_MSG_KEXINIT sent [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: receive packet: type 20 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: SSH2_MSG_KEXINIT received [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: local server KEXINIT proposal [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: KEX algorithms: curve25519-sha256,
curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: compression ctos: none,
zlib@openssh.com [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: compression stoc: none,
zlib@openssh.com [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: languages ctos: [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: languages stoc: [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: first_kex_follows 0 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: reserved 0 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: peer client KEXINIT proposal [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: KEX algorithms: curve25519-sha256,
curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: host key algorithms:
ssh-ed25519-cert-v01@openssh.com,
ecdsa-sha2-nistp256-cert-v01@openssh.com,
ecdsa-sha2-nistp384-cert-v01@openssh.com,
ecdsa-sha2-nistp521-cert-v01@openssh.com,
sk-ssh-ed25519-cert-v01@openssh.com,
sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
rsa-sha2-512-cert-v01@openssh.com,
rsa-sha2-256-cert-v01@openssh.com,
ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
sk-ssh-ed25519@openssh.com,
sk-ecdsa-sha2-nistp256@openssh.com,rsa-
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: compression ctos: none,
zlib@openssh.com,zlib [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: compression stoc: none,
zlib@openssh.com,zlib [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: languages ctos: [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: languages stoc: [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: first_kex_follows 0 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: reserved 0 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: kex: algorithm: curve25519-sha256 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: kex: host key algorithm: ssh-ed25519 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: kex: client->server cipher:
chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: kex: server->client cipher:
chacha20-poly1305@openssh.com MAC: <implicit> compression: none [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: receive packet: type 30 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_sshkey_sign entering [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_request_send entering: type 6 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_request_receive_expect entering: type 7 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_request_receive entering [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_request_receive entering
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: monitor_read: checking request 6
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_answer_sign
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_answer_sign: KEX signature 0x561a4dcd9d10(83)
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: mm_request_send entering: type 7
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: monitor_read: 6 used once, disabling now
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: send packet: type 31 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: send packet: type 21 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: set_newkeys: mode 1 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: rekey out after 134217728 blocks [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: Sending SSH2_MSG_EXT_INFO [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: send packet: type 7 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug3: receive packet: type 21 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: SSH2_MSG_NEWKEYS received [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug2: set_newkeys: mode 0 [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: rekey in after 134217728 blocks [preauth]
May 19 17:24:01 eric-Precision-7520 sshd[3355904]: debug1: KEX done [preauth]
> Are results identical with a server running an unpatched upstream OpenSSH?
>
Unfortunately, I do not have a server running this version. My sshd server is
OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020
-Eric