Michael Krivacek
2001-Mar-09 22:26 UTC
Possible problem with sshconnect1.c in openssh-2.5.1p2
Hi all,

I have come across a problem that seems to have been introduced between openssh-2.3.0p1 and openssh-2.5.1. I sadly admit that my SSH knowledge is limited, so this problem could very well be with the server implementation. Hopefully someone can educate me...

Netscreen produces hardware encryption boxes which have the capability of being managed by SSH (protocol version 1.) With the 2.3.0 series of OpenSSH I was able to access my Netscreen boxes fine. However I was initially able to connect with the 2.5.1 series. I followed the source code and noticed a change in sshconnect1.c between 2.3.0 and 2.5.1. In the function "try_password_authentication" the line:

    packet_put_string(password, strlen(password));

became:

    ssh_put_password(password);

"ssh_put_password" appears to pad the password prior to encrypting and sending it.

If I modify sshconnect1.c and change "ssh_put_password(password);" to "packet_put_string(password,strlen(password));" it starts working.

What are the implications of doing this? Does it sound like the Netscreen SSH server implementation is not correct?

Thanks,

Michael Krivacek
Byron Jennings
2001-Mar-09 23:52 UTC
Possible problem with sshconnect1.c in openssh-2.5.1p2
I have the same problem connecting to a vax. The vax (VMS) is using OSU_1.1 ssh. The change you suggested fixed the problem.

Byron Jennings

On Fri, 9 Mar 2001, Michael Krivacek wrote:
>
> Hi all,
>
> I have come across a problem that seems to have been introduced
> between openssh-2.3.0p1 and openssh-2.5.1. I sadly admit that my
> SSH knowledge is limited, so this problem could very well be with
> the server implementation. Hopefully someone can educate me...
>
> Netscreen produces hardware encryption boxes which have the
> capability of being managed by SSH (protocol version 1.) With the
> 2.3.0 series of OpenSSH I was able to access my Netscreen boxes
> fine. However I was initially able to connect with the 2.5.1
> series. I followed the source code and noticed a change in
> sshconnect1.c between 2.3.0 and 2.5.1. In the function
> "try_password_authentication" the line:
>
> packet_put_string(password, strlen(password));
>
> became:
>
> ssh_put_password(password);
>
> "ssh_put_password" appears to pad the password prior to
> encrypting and sending it.
>
> If I modify sshconnect1.c and change
> "ssh_put_password(password);" to "packet_put_string(password,strlen(password));"
> it starts working.
>
> What are implications of doing this? Does it sound like the
> Netscreen SSH server implementation is not correct?
>
> Thanks,
>
> Michael Krivacek
Markus Friedl
2001-Mar-10 12:39 UTC
password padding (Re: Possible problem with sshconnect1.c in openssh-2.5.1p2)
seems there are more servers affected.

what is the banner of the server if you
telnet server 22?

-m

On Fri, Mar 09, 2001 at 04:26:33PM -0600, Michael Krivacek wrote:
> Netscreen produces hardware encryption boxes which have the
> capability of being managed by SSH (protocol version 1.) With the
> 2.3.0 series of OpenSSH I was able to access my Netscreen boxes
> fine. However I was initially able to connect with the 2.5.1
> series. I followed the source code and noticed a change in
> sshconnect1.c between 2.3.0 and 2.5.1. In the function
> "try_password_authentication" the line:
>
> packet_put_string(password, strlen(password));
>
> became:
>
> ssh_put_password(password);

On Fri, Mar 09, 2001 at 03:52:28PM -0800, Byron Jennings wrote:
> I have the same problem connecting to a vax. The vax (VMS) is using
> OSU_1.1 ssh.
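
Added example, not part of the thread and not OpenSSH's code: a sketch of why a padded password string can break some servers while the unpadded one lets the length on the wire track the password length. The NUL padding, the 32-byte block size and every function name here are assumptions; the thread only says that ssh_put_password "appears to pad the password".

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAD_BLOCK 32 /* assumed padding block size; the thread does not give one */

/* Wire form of an SSH1-style string: 32-bit big-endian length, then the bytes. */
static size_t put_string(uint8_t *out, const uint8_t *data, uint32_t len) {
    out[0] = (uint8_t)(len >> 24); out[1] = (uint8_t)(len >> 16);
    out[2] = (uint8_t)(len >> 8);  out[3] = (uint8_t)len;
    memcpy(out + 4, data, len);
    return 4 + (size_t)len;
}
static uint32_t get_len(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
/* Unpadded form: the length field equals strlen(pw), so it tracks the password. */
size_t encode_plain(uint8_t *out, const char *pw) {
    return put_string(out, (const uint8_t *)pw, (uint32_t)strlen(pw));
}
/* Padded form (assumed scheme): NUL-fill up to the next multiple of PAD_BLOCK. */
size_t encode_padded(uint8_t *out, const char *pw) {
    uint8_t buf[256] = {0};
    size_t size = (strlen(pw) + 1 + PAD_BLOCK - 1) / PAD_BLOCK * PAD_BLOCK;
    if (size > sizeof buf) return 0;          /* too long for this sketch */
    memcpy(buf, pw, strlen(pw));
    return put_string(out, buf, (uint32_t)size);
}
/* Hypothetical strict server: trusts the wire length, so padding is a mismatch. */
int check_by_length(const uint8_t *pkt, const char *expected) {
    uint32_t len = get_len(pkt);
    return len == strlen(expected) && memcmp(pkt + 4, expected, len) == 0;
}
/* Hypothetical tolerant server: stops at the first NUL inside the declared length. */
int check_as_cstring(const uint8_t *pkt, const char *expected) {
    uint32_t len = get_len(pkt);
    const uint8_t *nul = memchr(pkt + 4, 0, len);
    size_t n = nul ? (size_t)(nul - (pkt + 4)) : len;
    return n == strlen(expected) && memcmp(pkt + 4, expected, n) == 0;
}
int main(void) {
    uint8_t plain[300], padded[300];
    const char *pw = "example-pw"; /* constructed sample value */
    printf("bytes: plain=%zu padded=%zu\n", encode_plain(plain, pw), encode_padded(padded, pw));
    printf("strict: plain=%d padded=%d\n", check_by_length(plain, pw), check_by_length(padded, pw));
    printf("tolerant: plain=%d padded=%d\n", check_as_cstring(plain, pw), check_as_cstring(padded, pw));
    return 0;
}
```

Under these assumptions every password up to 31 characters encodes to the same 36 bytes when padded, while the unpadded encoding grows by one byte per character.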