[Libssh] libssh server mode decryption errors

Aris Adamantiadis aris at 0xbadc0de.be
Mon Mar 3 22:46:07 CET 2008


Brendan Gannon wrote:
> Hi,
> 
> I'm using the libssh 0.2 release, running the samplesshd code.
> 
> I'm connecting to the server using OpenSSH_4.5p1 (but I've also 
> confirmed this is an issue using Putty on Windows).
> 
> Everything works fine when AES-128 or Blowfish are the cipher, eg using 
> the following command:
> $ ssh -c aes128-cbc -p 22223 admin@localhost
> 
> But when the cipher is AES-192, AES-256 or 3DES, eg
> $ ssh -c aes256-cbc -p 22223 admin@localhost
> the first decryption after SSH_MSG_NEWKEYS is received gets corrupted 
> and the connection is closed.
> 
> Interestingly, using the samplessh app to connect to the server, it has 
> no decryption problem.
> 
> Does anyone on the list have any idea where the problem lies? I've 
> included the server output for AES-256 at the end of the mail.
> 
> Any help is much appreciated.
> 
> Cheers,
> 
> Brendan
> 
> Also, the small patch following is needed to get the server mode working:
> 
> --- libssh/server.c.orig        2007-11-15 10:46:47.000000000 +1100
> +++ libssh/server.c     2007-11-15 10:47:11.000000000 +1100
> @@ -150,6 +150,7 @@ SSH_SESSION *ssh_bind_accept(SSH_BIND *s
>      session->options=ssh_options_copy(ssh_bind->options);
>      session->dsa_key=dsa;
>      session->rsa_key=rsa;
> +    session->alive=1;
>      return session;
>  }
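Review bot: `session->alive=1` is set unconditionally just before `return session;`, while the visible context does not check the result of `ssh_options_copy(ssh_bind->options)` three lines above it. If that call can fail, the session would still be returned flagged as alive, so check the copy first and set the flag only on the success path. A one-line comment stating why an accepted session must be marked alive at this point would also help, since the hunk gives no reason.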
> 
> *** Server output using AES-256 ***
> 
> Dsa private key read successfuly
> RSA private key read successfuly
> Socket connecté : 4
> find_matching("ssh-dss,ssh-rsa","ssh-dss,ssh-rsa") = "ssh-dss"
> kex algos : diffie-hellman-group1-sha1
> server host key algo : ssh-dss,ssh-rsa
> encryption client->server : 
> aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
> encryption server->client : 
> aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
> mac algo client->server : hmac-sha1
> mac algo server->client : hmac-sha1
> compression algo client->server : none,zlib
> compression algo server->client : none,zlib
> languages client->server :
> languages server->client :
> Writing on the wire a packet having 247 bytes before,247 bytes after 
> comp + 4 padding bytes = 252 bytes packet
> size decrypted : 1c4
> Read a 452 bytes packet
> 6 bytes padding, 451 bytes left in buffer
> After padding, 445 bytes left in buffer
> Final size 445
> type 20
> kex algos : 
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> server host key algo : ssh-rsa,ssh-dss
> encryption client->server : aes256-cbc
> encryption server->client : aes256-cbc
> mac algo client->server : 
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> mac algo server->client : 
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> compression algo client->server : none,zlib@openssh.com,zlib
> compression algo server->client : none,zlib@openssh.com,zlib
> languages client->server :
> languages server->client :
> find_matching("aes256-cbc","aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc") 
> = "aes256-cbc"
> Set output algorithm aes256-cbc
> find_matching("aes256-cbc","aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc") 
> = "aes256-cbc"
> Set input algorithm aes256-cbc
> find_matching("aes256-cbc","aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc") 
> = "aes256-cbc"
> find_matching("aes256-cbc","aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc") 
> = "aes256-cbc"
> find_matching("ssh-rsa,ssh-dss","ssh-dss,ssh-rsa") = "ssh-rsa"
> size decrypted : 8c
> Read a 140 bytes packet
> 6 bytes padding, 139 bytes left in buffer
> After padding, 133 bytes left in buffer
> Final size 133
> type 30
> Importing a 1024 bits,128 bytes object ...
> 1024 bits, 128 bytes, 1 padding
> 1021 bits, 128 bytes, 0 padding
> 1024 bits, 128 bytes, 1 padding
> 1024 bits, 128 bytes, 1 padding
> Writing on the wire a packet having 690 bytes before,690 bytes after 
> comp + 9 padding bytes = 700 bytes packet
> Writing on the wire a packet having 1 bytes before,1 bytes after comp + 
> 10 padding bytes = 12 bytes packet
> SSH_MSG_NEWKEYS sent
> size decrypted : c
> Read a 12 bytes packet
> 10 bytes padding, 11 bytes left in buffer
> After padding, 1 bytes left in buffer
> Final size 1
> type 21
> Got SSH_MSG_NEWKEYS
> 1024 bits, 128 bytes, 1 padding
> Decrypting 16 bytes data
> size decrypted : ff08c1f
> error : read_packet(): Packet len too high(267422751ld 0ff08c1f)
> 
> 
> _______________________________________________
> Libssh mailing list
> Libssh at cerkinfo.be
> http://www.cerkinfo.be/cgi-bin/mailman/listinfo/libssh
Hello,
It is resolved in the current SVN.

Regards,
Aris
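
The log in the quoted message ends with read_packet() rejecting a packet length of 0x0ff08c1f taken from the first block decrypted after SSH_MSG_NEWKEYS. The following is an added example, not libssh code and not written by either poster, of the header checks from RFC 4253 section 6 that make a corrupted first block fail early; the function name, status codes and the 35000-byte limit are assumptions of the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed limit for this example: RFC 4253 section 6.1 requires handling
 * packets of up to 35000 bytes in total; libssh's own limit is not shown here. */
#define MAX_PACKET_LEN 35000u

enum pkt_status { PKT_OK, PKT_TOO_SHORT, PKT_LEN_TOO_HIGH, PKT_BAD_ALIGN, PKT_BAD_PADDING };

/* Header bytes (uint32 packet_length, byte padding_length) rebuilt from the
 * values in the posted log. The padding byte of the failing packet is not in
 * the log, so the 0x00 there is a constructed value. */
static const uint8_t HDR_KEXINIT[5] = {0x00, 0x00, 0x01, 0xc4, 6};    /* "size decrypted : 1c4" */
static const uint8_t HDR_KEXDH[5]   = {0x00, 0x00, 0x00, 0x8c, 6};    /* "size decrypted : 8c" */
static const uint8_t HDR_NEWKEYS[5] = {0x00, 0x00, 0x00, 0x0c, 10};   /* "size decrypted : c" */
static const uint8_t HDR_AFTER[5]   = {0x0f, 0xf0, 0x8c, 0x1f, 0x00}; /* "size decrypted : ff08c1f" */

/* Validate the header found in the first decrypted cipher block.
 * blocksize is 8 before SSH_MSG_NEWKEYS and 16 for aes*-cbc afterwards.
 * On PKT_OK, *payload receives the payload length. */
enum pkt_status check_first_block(const uint8_t *blk, size_t n,
                                  uint32_t blocksize, uint32_t *payload)
{
    if (n < 5) return PKT_TOO_SHORT;
    uint32_t len = ((uint32_t)blk[0] << 24) | ((uint32_t)blk[1] << 16) |
                   ((uint32_t)blk[2] << 8)  |  (uint32_t)blk[3];
    uint32_t pad = blk[4];
    uint32_t align = blocksize < 8 ? 8 : blocksize;

    if (len > MAX_PACKET_LEN) return PKT_LEN_TOO_HIGH; /* reject before reading or allocating more */
    if ((len + 4) % align != 0) return PKT_BAD_ALIGN;  /* length field plus packet must fill whole blocks */
    if (pad < 4 || pad + 1 > len) return PKT_BAD_PADDING;
    *payload = len - pad - 1;                          /* strip padding_length byte and padding */
    return PKT_OK;
}

int main(void)
{
    const uint8_t *hdrs[] = {HDR_KEXINIT, HDR_KEXDH, HDR_NEWKEYS, HDR_AFTER};
    const uint32_t bs[]   = {8, 8, 8, 16};
    for (int i = 0; i < 4; i++) {
        uint32_t payload = 0;
        enum pkt_status st = check_first_block(hdrs[i], 5, bs[i], &payload);
        printf("packet %d: status=%d payload=%u\n", i, (int)st, (unsigned)payload);
    }
    return 0;
}
```

The three plaintext headers yield the payload sizes the log reports as "Final size", and the header read after SSH_MSG_NEWKEYS is rejected on length alone, before any MAC is computed.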
