Received disconnect from 1.2.3.4: 2: Corrupted MAC on input.
Looking at debug output, it seems like it is using "umac-64@openssh.com" as MAC algorithm. Forcing it to use something else works around the problem.
When using ssh directly, you can use this: (Other options should work as well, this one worked for me)
ssh -o 'MACs hmac-sha1-96' user@host
or
ssh -m hmac-sha1-96 user@host
When using rsync, you need to put one of the strings above in the --rsh parameter:
rsync --rsh="ssh -m hmac-sha1-96 user@host" :/remote-source /local-dest
A more permanent option is to add the setting to the ssh_config file. This is either /etc/ssh_config (affecting all users) or ~/.ssh/config.
A line using a modified set based on the defaults for my SSH version is:
MACs umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
You can find the problematic MAC by running
ssh -v user@host-that-disconnects-you 2>&1 | grep mac
No comments:
Post a Comment