Re: USB-serial adapter suggestions needed

From: Mark Millard <marklmi_at_yahoo.com>
Date: Tue, 26 Dec 2023 01:04:47 UTC
On Dec 25, 2023, at 09:45, bob prohaska <fbsd@www.zefox.net> wrote:

> On Sun, Dec 24, 2023 at 01:31:56PM -0800, Joseph Holsten wrote:
>> Okay you all, where should all this great info go in the docs?
> 
> Probably under the heading of "inexplicable miscellany" 8-)
> 
> In the meantime there's been a new development, maybe.
> 
> Overnight all four of my ft232 usb-serial sessions dropped their ssh
> connections. In addition, one session using pl2303 dropped also, the
> two remaining pl2303 sessions remained up.
> 
> On trying to reconnect via ssh to the host using the pl2303 adapter,
> the first connection worked with a long authentication delay but a
> second connection reported
> 
> bob@ns2:~ % top
> Corrupted MAC on input.
> ssh_dispatch_run_fatal: Connection to 50.1.20.30 port 22: message authentication code incorrect

Are there other historical examples of usch messages shown by:

# more /var/log/auth.log

FYI:

# ssh -Q mac
you have mail
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
umac-64@openssh.com
umac-128@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha1-96-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-md5-96-etm@openssh.com
umac-64-etm@openssh.com
umac-128-etm@openssh.com

When I looked I saw references to system load being an issue
and switching from the likes of a more expensive:

hmac-sha1-etm@openssh.com

to:

umac-64-etm@openssh.com

solving that message and such broken pipe issues for at least
some contexts.

# ssh -vvvv NODEID

apparently reports what is used in its debug output.

You might try something analogous to:

# ssh -o macs=umac-64-etm@openssh.com <mailto:macs=umac-64-etm@openssh.com> NODEID

Apparently one can use MACs lines in /etc/ssh/sshd_config to control
what is used by default.

NOTE: I'm not expert in this. https://en.wikipedia.org/wiki/UMAC reports:

QUOTE
A specific type of UMAC, also commonly referred to just UMAC, is specified in RFC 4418, it has provable cryptographic strength and is usually a lot less computationally intensive than other MACs. UMAC's design is optimized for 32-bit architectures with SIMD support, with a performance of 1 CPU cycle per byte (cpb) with SIMD and 2 cpb without SIMD. A closely related variant of UMAC that is optimized for 64-bit architectures is given by VMAC, which has been submitted to the IETF as a draft (draft-krovetz-vmac-01) but never gathered enough attention for becoming a standardized RFC.
END QUOTE

There may be better macs=??? alternatives for the RPi2B v1.1 for all I know.

> This host is a Pi2v1.1 armv7 running 12.4-STABLE FreeBSD 12.4-STABLE r373269 GENERIC  arm
> 
> Re-try was successful, but I've never seen that error message before, does anybody
> recognize it?
> 
> Three of the four restored ftdi sessions had garbage characters mixed up with the login
> prompt, one was clean and the restored pl2303 session was clean.
> 
> The two pl2303 sessions that remained connected showed no upset of any kind.





===
Mark Millard
marklmi at yahoo.com