Soekris 4801+VPN1411+OpenBSD 4.0 = Corrupted MAC on Input
Aftermath Fan
BIOS version is 1.28 (the latest).
NICs sis0 and sis1 both have frequent "Corrupted MAC on input" when I
ssh to them. I am sshing from a Linux box:
$ ssh ro...@192.168.1.2
Received disconnect from 192.168.1.2: 2: Corrupted MAC on input.
$
Based on some googling (specifically
http://groups.google.com/group/lucky.openbsd.misc/browse_thread/thread/7788599ea6cd1385/cebdbea1a36fac2b?lnk=st&q=openbsd+soekris+corrupted+mac&rnum=1#cebdbea1a36fac2b),
it appears that
-o Ciphers=blowfish-cbc
alleviates the problem, though that's just something I'm trying based
on posts I've seen elsewhere and I haven't completely tested it. I'm a
little out of my depth here.
This issue seems to have been around off and on since 2004 - is there
a patch or fix I've missed? Thanks.
Christian Weisgerber
> I have a Soekris 4801 with a VPN1411 card running OpenBSD 4.0. The
> BIOS version is 1.28 (the latest).
>
> NICs sis0 and sis1 both have frequent "Corrupted MAC on input" when I
> ssh to them. I am sshing from a Linux box:
Judging from the recurring reports, the vpn1411 simply doesn't work
reliably in the Soekris.
> it appears that
>
> -o Ciphers=blowfish-cbc
>
> alleviates the problem,
hifn(4) doesn't support Blowfish, so that's a surefire way to switch
to software crypto.
--
Christian "naddy" Weisgerber na...@mips.inka.de