diff --git a/ssh/auth1.c b/ssh/auth1.c
index a859edb..5e5621c 100644
--- a/ssh/auth1.c
+++ b/ssh/auth1.c
@@ -109,7 +109,7 @@ auth1_process_password(struct ssh *ssh, char *info, size_t infolen)
 {
 	Authctxt *authctxt = ssh->authctxt;
 	int r, authenticated = 0;
-	char *password;
+	u_char *password;
 	size_t dlen;
 
 	/*
@@ -117,7 +117,7 @@ auth1_process_password(struct ssh *ssh, char *info, size_t infolen)
 	 * transmitted over the encrypted channel so it is
 	 * not visible to an outside observer.
 	 */
-	if ((r = sshpkt_get_cstring(ssh, &password, &dlen)) != 0 ||
+	if ((r = sshpkt_get_string(ssh, &password, &dlen)) != 0 ||
 	    (r = sshpkt_get_end(ssh)) != 0)
 		fatal("%s: %s", __func__, ssh_err(r));
 
@@ -223,11 +223,11 @@ auth1_process_tis_response(struct ssh *ssh, char *info, size_t infolen)
 {
 	Authctxt *authctxt = ssh->authctxt;
 	int authenticated = 0;
-	char *response;
+	u_char *response;
 	size_t dlen;
 	int r;
 
-	if ((r = sshpkt_get_cstring(ssh, &response, &dlen)) != 0 ||
+	if ((r = sshpkt_get_string(ssh, &response, &dlen)) != 0 ||
 	    (r = sshpkt_get_end(ssh)) != 0)
 		fatal("%s: %s", __func__, ssh_err(r));
 	authenticated = verify_response(authctxt, response);