PuTTY artifact host-key-sig-verify-fail

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Privacy | Changes | Wishlist

We've had several as-yet-unexplained reports of this (SSH-2 specific) error message, which may represent a bug in PuTTY or in an SSH server, or perhaps data corruption in between. They've been difficult to reproduce.

To determine for sure whether the problem lies in PuTTY or not, we need extra information from a diagnostic build which we can provide, as well as the ordinary SSH packet log.

• <[email protected]>
  WinXP, 0.55, "OpenSSH_3.6.1p2 Debian 1:3.6.1p2-9" & "OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8"; problem went away on its own after a while
  Depended on where session was run from (firewall/proxy probs?)
  With packet log
• <[email protected]>
  WinXP, 2005-01-31:r5331 and "older versions"; unknown server; appears specific to client machine
• <[email protected]>
  0.56/0.57, "OpenSSH_3.4p1"
  <[email protected]>:
  Packet log and exchange hash (unfortunately this was the wrong diagnostic)
• [email protected]
  0.58; "SSH-2.0-SAP"; connecting to 127.0.0.1:22
• [email protected]
  0.58; "SSH-2.0-4.1.2 SSH Secure Shell Toolkit"
• [email protected]
  0.57; SSH server was running on port 21 in a restricted environment, and other protocols reported corruption; this went away when moving to port 443
• <[email protected]>
  0.57, OpenSSH_3.8.1p1
  <[email protected]>:
  SSH packet log with DH private value (to be analysed)

One interesting report had both this SSH-2 failure, and the SSH-1 failure "Incorrect CRC received on packet", occurring reproducibly on the same machine, and no other. Some further digging into the SSH-1 problem by our correspondent indicated that PuTTY's rsaencrypt() function was playing up; and they found that with their compiler ("Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 13.10.3077 for 80x86") adding /Od (disable all optimisations) made the problem go away.
<[email protected]> et seq