Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Cannot Reproduce
-
1.6.0
-
None
Description
It seems like the SFTP server in sshd does not handle HMAC SHA-2-512 very well. If I set up a server which only accepts that HMAC, the server closes the connection as soon as I connect with a client.
The server throws an exception in AbstractSession (row 1380) before closing the connection:
// Check the computed result with the received mac (just after the packet data) if (!BufferUtils.equals(inMacResult, 0, data, decoderLength + 4, macSize)) { throw new SshException(SshConstants.SSH2_DISCONNECT_MAC_ERROR, "MAC Error"); }
If I switch the HMAC to SHA-2-256 everything works ok.
I've attached a sample program which sets up a server. I've tested with a couple of different clients and all of them exposes the error in the server.