1 |
On Tue, 7 Jul 2009 02:31:38 Simon wrote: |
2 |
> Hi there! |
3 |
> I'm getting this issue where even very small transfers through ssh |
4 |
> will cause this error message: Corrupted MAC on input. I've done my |
5 |
> homework and found out this is not necessarily related to the network |
6 |
> hardware as TCP would retransmit such corrupted packets, moreover the |
7 |
> error message is clearly related to ssh as googling proves this. |
8 |
> |
9 |
> A quick troubleshooting i've done was to setup apache and simply |
10 |
> wget a very large file over plain HTTP. Transfer worked, i did it a |
11 |
> second time and diff'ed the two downloads, they were the same. I then |
12 |
> did the same test over HTTPS and got an error |
13 |
> (SSL3_GET_RECORD:decryption failed or bad record mac). This clarified |
14 |
> the problem is much more related to SSL than anything else. |
15 |
> |
16 |
> A quick glance at `emerge -vp openssl` showed an issue: it had been |
17 |
> compiled with sse2 support while this computer's cpu didnt support |
18 |
> that. Changed use flags and recompiled, restarted ssh and apache. |
19 |
> They both continued giving the same error. I finally rebooted the |
20 |
> machine, in case, but same issue still... The only use flag for |
21 |
> openssl now is zlib. |
22 |
|
23 |
|
24 |
What did you recompile? There may still be a library using the "sse2" flag. |
25 |
|
26 |
Have you tried using the "--newuse" or "--reinstall changed-use" emerge flags? |
27 |
|
28 |
|
29 |
-- |
30 |
Reverend Paul Colquhoun, ULC. http://andor.dropbear.id.au/~paulcol |
31 |
Before you criticize someone, you should walk a mile in their shoes. |
32 |
Then, when you do, you'll be a mile away, and you'll have their shoes. |