Yo All! I have been playing with SSH 2.2.0 from www.ssh.com. I can not connect to openssh 2.2.1p1 using Ver 2 protocol from ssh Ver 2.2.0. Ver 1 works fine. See below for the debug output from both ends If I force hmac-md5 (-m hmac-md5) from the sender it works! The other 3 choices fail: hmac-sha1; hmac-md5-96; and none. I have no problem connecting to this openssh host (hobbes) from SeccureCRT Ver 3.1b2 or SSH V 2.0.13. I also have no problem connecting from SecureCRT 3.1b2 to ssh 2.2.0 (after I select "Standard Server" on the client end). Any ideas? RGDS GARY --------------------------------------------------------------------------- Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701 gem at rellim.com Tel:+1(541)382-8588 Fax: +1(541)382-8676 [root at a ~]# ssh -V ssh: SSH Secure Shell 2.2.0 (non-commercial version) on i686-pc-linux-gnu [root at a ~]# ssh -v -l gem -p 4040 hobbes.rellim.com debug: hostname is 'hobbes.rellim.com'. debug: Unable to open /root/.ssh2/ssh2_config debug: connecting to hobbes.rellim.com... debug: entering event loop debug: ssh_client_wrap: creating transport protocol debug: SshAuthMethodClient/sshauthmethodc.c:99/ssh_client_authentication_initialize: Added "publickey" to usable methods. debug: SshAuthMethodClient/sshauthmethodc.c:99/ssh_client_authentication_initialize: Added "password" to usable methods. debug: Ssh2Client/sshclient.c:1097/ssh_client_wrap: creating userauth protocol debug: Ssh2Common/sshcommon.c:350/ssh_common_wrap: local ip = 192.168.254.148, local port = 1034 debug: Ssh2Common/sshcommon.c:352/ssh_common_wrap: remote ip = 204.17.205.2, remote port = 4040 debug: SshConnection/sshconn.c:1853/ssh_conn_wrap: Wrapping... debug: Ssh2Transport/trcommon.c:593/ssh_tr_input_version: Remote version: SSH-1.99-OpenSSH_2.1.1 debug: Remote version: SSH-1.99-OpenSSH_2.1.1 debug: SshUnixUserFiles/sshunixuserfiles.c:200/ssh_blob_read: file /root/.ssh2/hostkeys/key_4040_hobbes.rellim.com.pub does not exist. debug: SshUnixUserFiles/sshunixuserfiles.c:200/ssh_blob_read: file /etc/ssh2/hostkeys/key_4040_hobbes.rellim.com.pub does not exist. Host key not found from database. Key fingerprint: xodat-besid-vulot-nimet-hygyv-dovak-ryraf-cugiz-dazyl-tireg-bixox You can get a public key's fingerprint by running % ssh-keygen -F publickey.pub on the keyfile. Are you sure you want to continue connecting (yes/no)? yes Host key saved to /root/.ssh2/hostkeys/key_4040_hobbes.rellim.com.pub host key for hobbes.rellim.com, accepted by root Wed Jun 21 2000 15:07:20 -0700 debug: Ssh2Common/sshcommon.c:132/ssh_common_disconnect: DISCONNECT received: Message authentication check fails. warning: Authentication failed. debug: Ssh2/ssh2.c:76/client_disconnect: locally_generated = TRUE Disconnected; MAC error (Message authentication check fails.). debug: uninitializing event loop On the other end: hobbes:/usr/adm# sshd -p 4040 -d debug: sshd version OpenSSH_2.1.1 debug: Seeding random number generator debug: read DSA private key done debug: Seeding random number generator debug: Bind to port 4040 on 0.0.0.0. Server listening on 0.0.0.0 port 4040. Generating 768 bit RSA key. debug: Seeding random number generator debug: Seeding random number generator RSA key generation complete. debug: Server will not fork when running in debugging mode. Connection from 216.200.191.195 port 1034 debug: Client protocol version 1.99; client software version 2.2.0 SSH Secure Shell (non-commercial) Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-1.99-OpenSSH_2.1.1 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,none debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,none debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 1 debug: reserved: 0 debug: done debug: kex: client->server 3des-cbc hmac-sha1 none debug: kex: server->client 3des-cbc hmac-sha1 none debug: Wait SSH2_MSG_KEXDH_INIT. debug: bits set: 523/1024 debug: bits set: 505/1024 debug: sig size 20 20 debug: send SSH2_MSG_NEWKEYS. debug: done: send SSH2_MSG_NEWKEYS. debug: Wait SSH2_MSG_NEWKEYS. debug: GOT SSH2_MSG_NEWKEYS. debug: done: KEX2. Disconnecting: Corrupted HMAC on input. debug: Calling cleanup 0x805f650(0x0)
On Wed, Jun 21, 2000 at 03:21:23PM -0700, Gary E. Miller wrote:> Yo All! > > I have been playing with SSH 2.2.0 from www.ssh.com. I can not > connect to openssh 2.2.1p1 using Ver 2 protocol from ssh Ver 2.2.0. > Ver 1 works fine. > > See below for the debug output from both ends > > If I force hmac-md5 (-m hmac-md5) from the sender it works! > The other 3 choices fail: hmac-sha1; hmac-md5-96; and none. > > I have no problem connecting to this openssh host (hobbes) from > SeccureCRT Ver 3.1b2 or SSH V 2.0.13. > > I also have no problem connecting from SecureCRT 3.1b2 to ssh 2.2.0 > (after I select "Standard Server" on the client end). > > Any ideas?i don't agree with what ssh.com uses as authkey size for hmac-sha1. hmac-md5-96 is not implemented by openssh. try the attached patches. -markus -------------- next part -------------- Index: compat.c ==================================================================RCS file: /home/markus/cvs/ssh/compat.c,v retrieving revision 1.14 retrieving revision 1.17 diff -IRCSID -u -r1.14 -r1.17 --- compat.c 2000/05/22 18:42:01 1.14 +++ compat.c 2000/06/20 01:39:40 1.17 @@ -61,6 +61,7 @@ char *version; int bugs; } check[] = { + {"2.2.0", SSH_BUG_HMAC|SSH_COMPAT_SESSIONID_ENCODING}, {"2.1.0", SSH_BUG_SIGBLOB|SSH_BUG_HMAC}, {"2.0.1", SSH_BUG_SIGBLOB|SSH_BUG_HMAC|SSH_BUG_PUBKEYAUTH|SSH_BUG_X11FWD}, {NULL, 0} Index: compat.h ==================================================================RCS file: /home/markus/cvs/ssh/compat.h,v retrieving revision 1.7 retrieving revision 1.9 diff -IRCSID -u -r1.7 -r1.9 --- compat.h 2000/05/08 17:42:24 1.7 +++ compat.h 2000/06/20 01:39:40 1.9 @@ -40,6 +40,7 @@ #define SSH_BUG_PUBKEYAUTH 0x02 #define SSH_BUG_HMAC 0x04 #define SSH_BUG_X11FWD 0x08 +#define SSH_COMPAT_SESSIONID_ENCODING 0x10 void enable_compat13(void); void enable_compat20(void); Index: sshconnect2.c ==================================================================RCS file: /home/markus/cvs/ssh/sshconnect2.c,v retrieving revision 1.13 retrieving revision 1.14 diff -IRCSID -u -r1.13 -r1.14 --- sshconnect2.c 2000/06/02 02:00:19 1.13 +++ sshconnect2.c 2000/06/19 00:50:11 1.14 @@ -295,6 +295,7 @@ unsigned char *blob, *signature; int bloblen, slen; struct stat st; + int skip = 0; if (stat(filename, &st) != 0) { debug("key does not exist: %s", filename); @@ -321,7 +322,13 @@ /* data to be signed */ buffer_init(&b); - buffer_append(&b, session_id2, session_id2_len); + if (datafellows & SSH_COMPAT_SESSIONID_ENCODING) { + buffer_put_string(&b, session_id2, session_id2_len); + skip = buffer_len(&b); + } else { + buffer_append(&b, session_id2, session_id2_len); + skip = session_id2_len; + } buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); buffer_put_cstring(&b, server_user); buffer_put_cstring(&b, @@ -357,9 +364,9 @@ xfree(signature); /* skip session id and packet type */ - if (buffer_len(&b) < session_id2_len + 1) + if (buffer_len(&b) < skip + 1) fatal("ssh2_try_pubkey: internal error"); - buffer_consume(&b, session_id2_len + 1); + buffer_consume(&b, skip + 1); /* put remaining data from buffer into packet */ packet_start(SSH2_MSG_USERAUTH_REQUEST); -------------- next part -------------- Index: kex.c ==================================================================RCS file: /home/markus/cvs/ssh/kex.c,v retrieving revision 1.8 diff -u -r1.8 kex.c --- kex.c 2000/06/20 01:39:41 1.8 +++ kex.c 2000/06/22 00:47:37 @@ -360,11 +360,17 @@ mac->md = EVP_sha1(); } else if (strcmp(name, "hmac-ripemd160 at openssh.com") == 0) { mac->md = EVP_ripemd160(); + } else if (strcmp(name, "hmac-md5-96") == 0) { + mac->md = EVP_md5(); + } else if (strcmp(name, "hmac-sha-96") == 0) { + mac->md = EVP_sha1(); } else { fatal("unsupported mac %s", name); } mac->name = name; mac->mac_len = mac->md->md_size; + if (strstr(name, "-96") == 0 && mac->mac_len > 96) + mac->mac_len = 96/8; mac->key_len = (datafellows & SSH_BUG_HMAC) ? 16 : mac->mac_len; mac->key = NULL; mac->enabled = 0;