[j-nsp] [EXT] aes-gcm SSH ciphers broken in JunOS >=12.3R12-S13.1

Anderson, Charles R cra at wpi.edu
Wed Jan 15 09:00:21 EST 2020


I ran into this as well and found the workaround, but hadn't yet gotten around to analyzing the exact situation as thoroughly as you have.  I'll open a case and see what they say.  Thanks.

On Wed, Jan 15, 2020 at 02:03:22PM +0100, Tore Anderson wrote:
> Note the addition of aes128-gcm@openssh.com and aes256-gcm@openssh.com. These are advertised by 12.3R12-S13.1 as well.
> 
> The Fedora OpenSSH client will use aes256-gcm@openssh.com by default when supported by the server, and this fails with the above error message. So does aes128-gcm@openssh.com.
> 
> Explicitly selecting another cipher works, e.g.:
> 
> ssh -o Ciphers=chacha20-poly1305@openssh.com <switch>
> 
> Didn't find any KB article about this issue, so I thought I'd post here in case any Juniper employee would like to report it internally, as I'm guessing others will run into the same issue eventually. (My old switches are long out of support, so I can't open a JTAC case.)

