Ticket #83 (closed defect: duplicate)

Opened 8 years ago

Last modified 7 years ago

Unable to exchange encryption keys

Reported by: anonymous Owned by: bagder
Priority: normal Milestone:
Component: crypto Version: 1.0
Keywords: Cc: bagder
Blocked By: Blocks:

Description

I'm using php-ssh2 to attempt to connect to an extreme networks router,
getting the following:
Error starting up SSH connection(-5): Unable to exchange encryption keys

any ideas what a solution for this might be?
I know that this router is "odd" even openssh to this router behaves
badly.

[adam@x]$ ssh -V
OpenSSH_5.0p1, OpenSSL 0.9.7l 28 Sep 2006
[adam@x]$ ssh adam@rooter
Keyboard-interactive authentication
Enter password for adam:
channel 0: open failed: resource shortage: Channel open failed

openssh <= 4.6 however works fine

this is discussed a bit here: http://marc.info/?l=openssh-unix-dev&m=120904151220470&w=2

Any ideas how to wedge libssh2 to get it to play nicely with this
router?
I've tested with libssh2-0.18, 1.0 and the latest snap with identical
results.

I've also tried adjusting the kex methods with no results as well as
fiddling with the other parameters (but I don't think we get anywhere
to the point where anything other than the kex matters?).

I'm available to test patches or anything else.

[libssh2] Transport: session_startup for socket 3
[libssh2] Transport: Sending Banner: SSH-2.0-libssh2_1.0.1-20081230
[libssh2] Transport: Received Banner: SSH-2.0-4.1.2 SSH Secure Shell
Toolkit
[libssh2] Key Exchange: Sent KEX: diffie-hellman-group14-sha1,diffie-
hellman-group-exchange-sha1,diffie-hellman-group1-sha1
[libssh2] Key Exchange: Sent HOSTKEY: ssh-rsa,ssh-dss
[libssh2] Key Exchange: Sent CRYPT_CS: aes256-cbc,rijndael-cbc@…
,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour,cast128-cbc,3des-cbc,none
[libssh2] Key Exchange: Sent CRYPT_SC: aes256-cbc,rijndael-cbc@…
,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour,cast128-cbc,3des-cbc,none
[libssh2] Key Exchange: Sent MAC_CS: hmac-sha1,hmac-sha1-96,hmac-
md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@…,none
[libssh2] Key Exchange: Sent MAC_SC: hmac-sha1,hmac-sha1-96,hmac-
md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@…,none
[libssh2] Key Exchange: Sent COMP_CS: none,zlib
[libssh2] Key Exchange: Sent COMP_SC: none,zlib
[libssh2] Key Exchange: Sent LANG_CS:
[libssh2] Key Exchange: Sent LANG_SC:
=> libssh2_packet_write plain (578 bytes)
=> libssh2_packet_write send() (592 bytes)
[libssh2] Transport: Looking for packet of type: 20
[libssh2] Transport: May block until packet of type 20 becomes available
=> libssh2_packet_read() raw (424 bytes)
=> libssh2_packet_read() plain (411 bytes)
[libssh2] Transport: Packet type 20 received, length=411
[libssh2] Transport: Looking for packet of type: 20
[libssh2] Key Exchange: Agreed on KEX method: diffie-hellman-group1-sha1
[libssh2] Key Exchange: Agreed on HOSTKEY method: ssh-dss
[libssh2] Key Exchange: Agreed on CRYPT_CS method: aes256-cbc
[libssh2] Key Exchange: Agreed on CRYPT_SC method: aes256-cbc
[libssh2] Key Exchange: Agreed on MAC_CS method: hmac-sha1
[libssh2] Key Exchange: Agreed on MAC_SC method: hmac-sha1
[libssh2] Key Exchange: Agreed on COMP_CS method: none
[libssh2] Key Exchange: Agreed on COMP_SC method: none
[libssh2] Key Exchange: Agreed on LANG_CS method:
[libssh2] Key Exchange: Agreed on LANG_SC method:
[libssh2] Key Exchange: Initiating Diffie-Hellman Group1 Key Exchange
[libssh2] Key Exchange: Sending KEX packet 30
=> libssh2_packet_write plain (133 bytes)
=> libssh2_packet_write send() (144 bytes)
[libssh2] Transport: Looking for packet of type: 31
[libssh2] Transport: May block until packet of type 31 becomes available
=> libssh2_packet_read() raw (1032 bytes)
=> libssh2_packet_read() plain (1000 bytes)
[libssh2] Transport: Packet type 31 received, length=1000
[libssh2] Transport: Looking for packet of type: 31
[libssh2] Key Exchange: Server's MD5 Fingerprint: cc:a6:ba:
33:4f:a7:c2:f4:66:b1:05:5f:b2:5a:d5:f7
[libssh2] Key Exchange: Server's SHA1 Fingerprint: 2f:be:
14:55:a2:f4:59:e1:1a:87:d4:f4:4d:7a:b8:97:c0:5d:b0:9d
[libssh2] Failure Event: -14 - Invalid DSS signature length
[libssh2] Failure Event: -11 - Unable to verify hostkey signature
[libssh2] Failure Event: -8 - Unrecoverable error exchanging keys
[libssh2] Failure Event: -5 - Unable to exchange encryption keys

Change History

comment:1 Changed 8 years ago by bagder

This seems to be the hostkey_method_ssh_dss_sig_verify() function (in the 1.1 release) that thinks the "dss signature" isn't exactly 40 bytes and thus wrong...

Can you figure out how long sig it tries to use there? Perhaps we can deduce something from that...

comment:2 Changed 7 years ago by stuge

  • Resolution set to duplicate
  • Status changed from assigned to closed
  • Version set to 1.0

Duplicate of #51 so please see if you can reproduce with 1.2.3 or a later version, and reopen #51 in that case.

Note: See TracTickets for help on using tickets.