I'm also having this problem.  Some searching shows that the pycrypto
folks believe that this should be fixed in paramiko:

  https://github.com/dlitz/pycrypto/issues/149

A fellow who found a workaround on the paramiko side notes that the
pycrypto comments in AES.py are wrong now:

  http://uucode.com/blog/2015/02/20/workaround-for-ctr-mode-needs-counter-parameter-not-iv/

Despite that, I think I agree that paramiko needs to change.  The
problem is that this is a stable distribution, and the patch that
causes this problem, used to fix #849495, is really just attempting to
prevent bad usage by other programs, not inherently fixing a security
flaw.  In addition, the CTR component isn't actually dangerous, just
"confusing".

I propose that you remove the following from src/block_template.c:

++      if (IVlen != 0 && mode == MODE_CTR)
++      {
++              PyErr_Format(PyExc_ValueError,
++                      "CTR mode needs counter parameter, not IV");
++              return NULL;
++      }
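Review bot: deleting this block outright means a non-empty IV passed with MODE_CTR is accepted and then, as the error text itself says ("CTR mode needs counter parameter, not IV"), plays no part in the keystream; a caller who supplied a nonce through the IV slot and expected it to matter gets no signal at all. If the goal is only to stop breaking packages that pass an IV by habit, consider downgrading the check rather than removing it, e.g. replacing the PyErr_Format/return NULL pair with `PyErr_WarnEx(PyExc_DeprecationWarning, "CTR mode needs counter parameter, not IV", 1);` and falling through, so paramiko keeps working while the misuse remains visible; the ECB clause that the surrounding text wants to keep is unaffected either way.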

Leave the rest.  That will still force it to die on the more dangerous
ECB misuse, but doesn't cause unexpected breakage in other packages
that are relying on being able to take shortcuts sending an IV string
even where one isn't needed.

Regards,
Zed

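To make the effect of the proposed removal concrete, here is an added Python model of the argument check and of CTR keystream generation; it is not pycrypto's or paramiko's code. It assumes pycrypto's mode numbering, uses an HMAC-SHA256 PRF in place of the AES block function so it runs offline, and the names check_args, make_counter, ctr_encrypt and the ECB error text are this example's own. The `reject_ctr_iv` flag switches between the current Debian behaviour and the state after the CTR clause is dropped: the ECB misuse still dies, and a CTR call that passes an IV no longer dies, but the IV has no influence on the ciphertext, which is exactly why the check existed.

```python
"""Model of the IV/counter argument check from pycrypto's block_template.c.

Added example, not pycrypto or paramiko code.  AES is replaced by an
HMAC-SHA256 PRF (assumption, so the script needs only the stdlib); the
ECB error message and all function names here are this example's own.
"""
import hashlib
import hmac

# Mode numbers as defined by pycrypto (Crypto.Cipher.blockalgo).
MODE_ECB, MODE_CBC, MODE_CTR = 1, 2, 6


def check_args(mode, iv=b"", counter=None, reject_ctr_iv=True):
    """Mirror the patched block_template.c argument checks.

    reject_ctr_iv=True  -> current Debian behaviour (both clauses present).
    reject_ctr_iv=False -> behaviour after Zed's proposed removal of the
                           CTR clause; the ECB clause stays either way.
    """
    if len(iv) != 0 and mode == MODE_ECB:
        # Hypothetical wording; the real check is the "rest" Zed keeps.
        raise ValueError("ECB mode does not use IV")
    if reject_ctr_iv and len(iv) != 0 and mode == MODE_CTR:
        # Wording taken verbatim from the quoted hunk.
        raise ValueError("CTR mode needs counter parameter, not IV")
    if mode == MODE_CTR and counter is None:
        raise TypeError("'counter' keyword parameter is required with CTR mode")
    return True


def make_counter(initial_value=1, nbits=128):
    """Minimal stand-in for Crypto.Util.Counter.new(nbits, initial_value=...):
    a callable returning the next big-endian counter block each call."""
    state = {"v": initial_value}

    def counter():
        v = state["v"]
        state["v"] = (v + 1) % (1 << nbits)
        return v.to_bytes(nbits // 8, "big")

    return counter


def ctr_encrypt(key, data, iv=b"", counter=None, reject_ctr_iv=True):
    """CTR encryption over the PRF.  `iv` is accepted only so the example
    can show that, once the check is gone, it is silently ignored: the
    keystream is a function of key and counter blocks alone."""
    check_args(MODE_CTR, iv, counter, reject_ctr_iv)
    keystream = b""
    while len(keystream) < len(data):
        block = counter()  # pycrypto-style: counter is a callable
        keystream += hmac.new(key, block, hashlib.sha256).digest()[:16]
    return bytes(a ^ b for a, b in zip(data, keystream))


def raises(exc, fn, *args, **kwargs):
    """True if fn(*args, **kwargs) raises exc."""
    try:
        fn(*args, **kwargs)
    except exc:
        return True
    return False


def compare_behaviours():
    """Run the same calls under both variants of the check.

    Returns (ctr_iv_dies_now, ecb_iv_dies_now, ecb_iv_dies_after,
             ctr_iv_ignored_after, counter_matters_after).
    """
    key = b"\x00" * 16                   # constructed sample key
    msg = b"attack at dawn, attack at dawn"  # constructed sample plaintext
    iv_a, iv_b = b"\x11" * 16, b"\x22" * 16

    ctr_iv_dies_now = raises(ValueError, ctr_encrypt, key, msg,
                             iv=iv_a, counter=make_counter(5))
    ecb_iv_dies_now = raises(ValueError, check_args, MODE_ECB, iv_a)
    ecb_iv_dies_after = raises(ValueError, check_args, MODE_ECB, iv_a,
                               reject_ctr_iv=False)

    # After the removal: two different IVs, same counter -> same ciphertext.
    c_a = ctr_encrypt(key, msg, iv=iv_a, counter=make_counter(5), reject_ctr_iv=False)
    c_b = ctr_encrypt(key, msg, iv=iv_b, counter=make_counter(5), reject_ctr_iv=False)
    # Changing the counter's initial value is what actually changes output.
    c_c = ctr_encrypt(key, msg, counter=make_counter(6), reject_ctr_iv=False)

    return (ctr_iv_dies_now, ecb_iv_dies_now, ecb_iv_dies_after,
            c_a == c_b, c_a != c_c)


if __name__ == "__main__":
    print(compare_behaviours())
```

The last two booleans are the practical point: with the clause removed, a caller that passes a fresh nonce as the IV and reuses the same counter start will produce identical keystreams across messages without any error, so the "confusing" case turns into a silent nonce-reuse hazard unless the caller also builds a distinct Counter.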