Background:
When I use putty connecting to my freebsd box. it says: "Incorrect MAC received on packet".
1. What's the problem
I googled this info. http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html#faq-incorrect-mac
A.7.1 Why do I see ‘Incorrect MAC received on packet’?
One possible cause of this that used to be common is a bug in old SSH-2 servers distributed by ssh.com. (This is not the only possible cause; see section 10.12 in the documentation.) Version 2.3.0 and below of their SSH-2 server constructs Message Authentication Codes in the wrong way, and expects the client to construct them in the same wrong way. PuTTY constructs the MACs correctly by default, and hence these old servers will fail to work with it.
If you are using PuTTY version 0.52 or better, this should work automatically: PuTTY should detect the buggy servers from their version number announcement, and automatically start to construct its MACs in the same incorrect manner as they do, so it will be able to work with them.
If you are using PuTTY version 0.51 or below, you can enable the workaround by going to the SSH panel and ticking the box labelled ‘Imitate SSH2 MAC bug’. It's possible that you might have to do this with 0.52 as well, if a buggy server exists that PuTTY doesn't know about.
In this context MAC stands for Message Authentication Code. It's a cryptographic term, and it has nothing at all to do with Ethernet MAC (Media Access Control) addresses.
And http://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter10.html#errors-crc
10.12 ‘Incorrect CRC received on packet’ or ‘Incorrect MAC received on packet’
This error occurs when PuTTY decrypts an SSH packet and its checksum is not correct. This probably means something has gone wrong in the encryption or decryption process. It's difficult to tell from this error message whether the problem is in the client, in the server, or in between.
In particular, if the network is corrupting data at the TCP level, it may only be obvious with cryptographic protocols such as SSH, which explicitly check the integrity of the transferred data and complain loudly if the checks fail. Corruption of protocols without integrity protection (such as HTTP) will manifest in more subtle failures (such as misdisplayed text or images in a web browser) which may not be noticed.
A known server problem which can cause this error is described in question A.7.16 in the FAQ.
2. So, how to fix it
I use freebsd 8.2 release, and putty 0.60.
I don't think it's the putty or freebsd's ssh problem, because i use freebsd+putty very happy for many years.
Then i check the freebsd box's hardware.
ifconfig
age0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=c319b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,
WOL_MCAST,WOL_MAGIC,VLAN_HWTSO,LINKSTATE>
ether 00:1f:c6:c7:f0:61
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
the age0 interface is TSO enabled.
so ,i tried disabled it.
ifconfig age0 -tso
Yes, it worked.
then i googled this :
kern/154959: age: "Bad packet length xxxxx, Disconnecting: Packet corrupt" (unless TSO, rxcsum, txcsum are disabled)
Date: 2012-01-01 02:30:22 and last modified: 2012-01-14 23:04:06
Recent entries:
- Emacs rainbow mode
- Squirm a url rewriter for squid
- How to use rsync for transferring files over ssh
- Vide: GRE tunnel
- Video: how to install freebsd
- Video: Install zend framework
- Video: Install Window7 from network
- Install Window7 from a PXE Boot server (Linux/FreeBSD)
- Create GRE tunnel with FreeBSD8
- What's cooking for FreeBSD 9