[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hangs on password queries once SSH session is up


The SSH protocol is very different of telnet in the sense that the
authentication mechanisms are part of the protocol and not a text feed
in the data channel. This permits better granularity on the
authentication modes possible.
In this case, doing a channel_poll on a channel that was not opened is
unlikely to work ; you need to authenticate first. look at the examples
in the examples/ directory to have an idea of how a libssh connection works.

I also greatly advise you to use the cmake building system. The zlib
optionnal stuff was not throughly tested, but a binary+include package
of the zlibs is very easy to find (imho not worth the hasle of patching
libssh for this). I think we resolved the doxygen issue a while ago (it
would work even without it).

Don't hesitate to ask if you have other issues.


leware@xxxxxxxxxxxxxxxx a écrit :
> I wrote a telnet client for Windows some years ago, and I had always wanted
> to add SSH to it. I finally got around to doing it, using libssh. Here's how
> it went, with one problem below.
> My first surprise was that the code required the SSL library. I guess it is
> only used for its crypto code, not for the SSL protocol proper. Building it
> went fine.
> I had more trouble building libssh. First, I didn't have CMake, so I had to
> install that.
> ZLib is supposed to be optional, but I had quite a fight getting CMake to
> stop asking for it. Once that was solved, CMake asked for doxygen. That was
> enough for me :-). I took the problem from the other end, as I often do. I
> just tried compiling the C code. That probably went faster than if had
> continued installing stuff until CMake was happy. After some adjustments to
> config.h, the following gave me what I needed (under Cygwin):
>    gcc -c -DLIBSSH_STATIC -I../openssl-1.0.0/include/ -I/usr/include/w32api/ -Iinclude/ -Ibuild -D_WIN32  libssh/*.c
>    ar rcs libssh.a *.o
> Anyway, the biggest issue I had is that the library uses blocking IO. My
> telnet client is non-blocking (event-driven). To keep my life simple, I
> decided to access the libssh code (once the channel is up) thru (timer-based)
> polling: if the socket says there is something available, I call into the
> library. This works fine > 99% of the time, so I'm happy! But I would have
> preferred a non-blocking API. Maybe I should look at libssh2 (but when things
> work, there is little motivation).
> ---
> However, I do have a problem in some scenarios. If, within an SSH session (to
> Linux), I try something which requires a password (eg. su/sudo, ftp), then my
> client hangs (does not return to its main event loop). The call chain at that
> point is the following (the socket has said it has data to read):
>     (my client)
>     channel_poll
>     ssh_handle_packets
>     packet_read
>     packet_read2
>     ssh_socket_wait_for_data
>     ssh_socket_completeread
>     ssh_socket_unbuffered_read
> The client is not consuming CPU, I assume it's blocked on a socket read.
> Does anyone have any quick hint at why? What is special about such cases?
> Echo is turned off for the password prompt, but I would have thought this is
> entirely a server-side issue, why would that impact the client? Or is the ssh
> protocol somehow involved (eg. using a protocol mechanism to fetch this
> password, or in echo control)? One way to unblock the situation is to send
> some output to the hung session from another one. Or the issue can be worked
> around by pasting the password into the client (complete with LF) all at once
> (so it goes out in a single channel_write()).
> The bug is of course in how I use the library, not in the library itself.
> I'm just hoping for a hint that might help me solve that one small issue.
> Thanks
> Pierre Lewis

Hangs on password queries once SSH session is upleware@xxxxxxxxxxxxxxxx
Archive administrator: postmaster@lists.cynapses.org