sshd: invalid public DH value



Has anybody seen these in their logs?

Dec DD HH:MM:SS web sshd[1979]: invalid public DH value: <= 1
Dec DD HH:MM:SS web sshd[1979]: Disconnecting: bad client public DH value

Any idea what they mean? We get lots of ssh probes, most of which can
be ignored, but I've never seen this sshd message before.
Could somebody be probing for a buffer overflow?

We're running, "OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009", on Linux,
kernel 2.6.24-26.



Relevant Pages

  • Re: [PATCH] x86: Add an option to disable decoding of MCE
    ... not compile EDAC in your kernels ...  These decoders can easily spam our logs and cause space ... with a large number of machines, how do you do the mapping from the DRAM ... fleshing out MCE decoding in the kernel was to avoid needless trouble ...
    (Linux-Kernel)
  • Re: rc6 keeps hanging and blanking displays
    ... it does sound like your X server is doing something nasty on the PCI ... > the kernel. ... The X.org logs also got further, ... Loading sub module "vgahw" ...
    (Linux-Kernel)
  • Re: noisy edac
    ... > into the kernel. ... > offer the user two options: either printk() or be silent. ... looking in the logs it allows all of the errors to be detected and harvested. ...
    (Linux-Kernel)
  • Re: sarge->etch upgrade hits dependency hell
    ... I think udev wants a kernel>= 2.6.15, ... morning, X did come up, XDM gave me a login window, and it allowed me ... another login window, which worked too. ... I've checked the logs - nothing suspicious, ...
    (Debian-User)
  • Re: # 16881 [REGRESSION, Radeon-KMS] 2.6.36-rc1,2 - graphic issues in 0 A.D.
    ... Please note that in both cases only kernel was different. ... the logs together with bisecting results. ... that includes drm patches from the first drm pull). ... About the logs. ...
    (Linux-Kernel)