Re: Packet len too high during authentication

[Aris Adamantiadis <aris@xxxxxxxxxxxx>]

Hi Anne,

This looks like a problem we already had on very old openssl with CTR.
Can you retrieve the version number of OpenSSL used in your system ?
Do you have the same problem when trying to reach a linux server from
solaris ?
What are the other supported ciphers on solaris ? IIRC, they chose to
break the SSH2 RFC which says 3des-cbc MUST be implemented, on the
unjustified fear of downgrade attacks.
If we have the same problem as we had with old openssl & CTR, all we can
do is blacklist that version of openssl for AES-CTR. (more info
http://blog.0xbadc0de.be/archives/15 )

Aris

Le 19/11/13 01:00, Anne Zhang a écrit :
> Hi Aris,
> 
> I tried all the encryption algorithm available on Solaris x86:
> *aes128-ctr,aes192-ctr,aes256-ctr,* but failed at the same place. I also
> increase the verbose:
> 
> [2013/11/18 15:55:10.685952, 1] ssh_connect:  libssh 0.6.0 (c) 2003-2010
> Aris Adamantiadis (aris@xxxxxxxxxxxx <mailto:aris@xxxxxxxxxxxx>)
> Distributed under the LGPL, please refer to COPYING file for information
> about your rights, using threading threads_noop
> [2013/11/18 15:55:10.688099, 2] ssh_socket_connect:  Nonblocking
> connection socket: 7
> [2013/11/18 15:55:10.688951, 2] ssh_connect:  Socket connecting, now
> waiting for the callbacks to work
> [2013/11/18 15:55:10.689704, 3] ssh_connect:  ssh_connect: Actual
> timeout : 10000
> [2013/11/18 15:55:10.730204, 3] ssh_socket_pollcallback:  Received
> POLLOUT in connecting state
> [2013/11/18 15:55:10.731020, 1] socket_callback_connected:  Socket
> connection callback: 1 (0)
> [2013/11/18 15:55:10.773358, 3] callback_receive_banner:  Received
> banner: SSH-2.0-Sun_SSH_2.0
> [2013/11/18 15:55:10.774183, 1] ssh_client_connection_callback:  SSH
> server banner: SSH-2.0-Sun_SSH_2.0
> [2013/11/18 15:55:10.779641, 1] ssh_analyze_banner:  Analyzing banner:
> SSH-2.0-Sun_SSH_2.0
> [2013/11/18 15:55:10.780421, 3] ssh_socket_unbuffered_write:  Enabling
> POLLOUT for socket
> [2013/11/18 15:55:10.861191, 3] ssh_packet_socket_callback:  packet:
> read type 20 [len=580,padding=6,comp=573,payload=573]
> [2013/11/18 15:55:10.861917, 3] ssh_packet_process:  Dispatching handler
> for packet type 20
> [2013/11/18 15:55:10.864677, 3] ssh_socket_unbuffered_write:  Enabling
> POLLOUT for socket
> [2013/11/18 15:55:10.865624, 3] packet_send2:  packet: wrote
> [len=204,padding=4,comp=199,payload=199]
> [2013/11/18 15:55:10.867794, 3] packet_send2:  packet: wrote
> [len=268,padding=5,comp=262,payload=262]
> [2013/11/18 15:55:10.868684, 3] ssh_socket_unbuffered_write:  Enabling
> POLLOUT for socket
> [2013/11/18 15:55:10.968684, 3] ssh_packet_socket_callback:  packet:
> read type 31 [len=828,padding=9,comp=818,payload=818]
> [2013/11/18 15:55:10.969438, 3] ssh_packet_process:  Dispatching handler
> for packet type 31
> [2013/11/18 15:55:10.970022, 2] ssh_packet_dh_reply:  Received
> SSH_KEXDH_REPLY
> [2013/11/18 15:55:10.972619, 3] ssh_socket_unbuffered_write:  Enabling
> POLLOUT for socket
> [2013/11/18 15:55:10.973317, 3] packet_send2:  packet: wrote
> [len=12,padding=10,comp=1,payload=1]
> [2013/11/18 15:55:10.974083, 2] ssh_client_dh_reply:  SSH_MSG_NEWKEYS sent
> [2013/11/18 15:55:10.974679, 3] ssh_packet_socket_callback:  Processing
> 16 bytes left in socket buffer
> [2013/11/18 15:55:10.975276, 3] ssh_packet_socket_callback:  packet:
> read type 21 [len=12,padding=10,comp=1,payload=1]
> [2013/11/18 15:55:10.975895, 3] ssh_packet_process:  Dispatching handler
> for packet type 21
> [2013/11/18 15:55:10.976527, 2] ssh_packet_newkeys:  Received
> SSH_MSG_NEWKEYS
> [2013/11/18 15:55:10.977364, 3] crypt_set_algorithms2:  Set output
> algorithm to aes128-ctr
> [2013/11/18 15:55:10.977961, 3] crypt_set_algorithms2:  Set input
> algorithm to aes128-ctr
> [2013/11/18 15:55:10.979467, 2] ssh_packet_newkeys:  Signature verified
> and valid
> [2013/11/18 15:55:10.985355, 3] ssh_connect:  ssh_connect: Actual state : 7
> [2013/11/18 15:55:10.986487, 3] packet_send2:  packet: wrote
> [len=28,padding=10,comp=17,payload=17]
> [2013/11/18 15:55:10.987108, 3] ssh_service_request:  Sent
> SSH_MSG_SERVICE_REQUEST (service ssh-userauth)
> [2013/11/18 15:55:10.987842, 3] ssh_socket_unbuffered_write:  Enabling
> POLLOUT for socket
> [2013/11/18 15:55:11.170462, 1] ssh_packet_socket_callback:
>  read_packet(): Packet len too high(1000142574 3b9cf6ee)
> [2013/11/18 15:55:11.170605, 1] ssh_userauth_request_service:  Failed to
> request "ssh-userauth" service
> Error authenticating with password: read_packet(): Packet len too
> high(1000142574 3b9cf6ee)
> [2013/11/18 15:55:11.171031, 3] ssh_socket_unbuffered_write:  Enabling
> POLLOUT for socket
> [2013/11/18 15:55:11.171119, 3] packet_send2:  packet: wrote
> [len=28,padding=11,comp=16,payload=16]
> 
> 
> 
> I also tried earlier version of libssh, and attached verbose here:
> 
> [1] libssh 0.5.2 (c) 2003-2010 Aris Adamantiadis (aris@xxxxxxxxxxxx
> <mailto:aris@xxxxxxxxxxxx>) Distributed under the LGPL, please refer to
> COPYING file for information about your rights, using threading threads_noop
> [2] Nonblocking connection socket: 7
> [2] Socket connecting, now waiting for the callbacks to work
> [3] ssh_connect: Actual timeout : 10000
> [3] Received POLLOUT in connecting state
> [1] Socket connection callback: 1 (0)
> [3] Received banner: SSH-2.0-Sun_SSH_2.0
> [1] SSH server banner: SSH-2.0-Sun_SSH_2.0
> [1] Analyzing banner: SSH-2.0-Sun_SSH_2.0
> [3] Enabling POLLOUT for socket
> [3] Packet size decrypted: 580 (0x244)
> [3] Read a 580 bytes packet
> [3] 6 bytes padding, 579 bytes left in buffer
> [3] After padding, 573 bytes left in buffer
> [3] Final size 573
> [3] Type 20
> [3] Dispatching handler for packet type 20
> [3] Writing on the wire a packet having 141 bytes before
> [3] 141 bytes after comp + 6 padding bytes = 148 bytes packet
> [3] Enabling POLLOUT for socket
> [3] Writing on the wire a packet having 133 bytes before
> [3] 133 bytes after comp + 6 padding bytes = 140 bytes packet
> [3] Enabling POLLOUT for socket
> [3] Packet size decrypted: 700 (0x2bc)
> [3] Read a 700 bytes packet
> [3] 9 bytes padding, 699 bytes left in buffer
> [3] After padding, 690 bytes left in buffer
> [3] Final size 690
> [3] Type 31
> [3] Dispatching handler for packet type 31
> [2] Received SSH_KEXDH_REPLY
> [3] Writing on the wire a packet having 1 bytes before
> [3] 1 bytes after comp + 10 padding bytes = 12 bytes packet
> [3] Enabling POLLOUT for socket
> [2] SSH_MSG_NEWKEYS sent
> [3] Processing 16 bytes left in socket buffer
> [3] Packet size decrypted: 12 (0xc)
> [3] Read a 12 bytes packet
> [3] 10 bytes padding, 11 bytes left in buffer
> [3] After padding, 1 bytes left in buffer
> [3] Final size 1
> [3] Type 21
> [3] Dispatching handler for packet type 21
> [2] Received SSH_MSG_NEWKEYS
> [3] Set output algorithm to aes256-ctr
> [3] Set input algorithm to aes256-ctr
> [3] ssh_connect: Actual state : 7
> [3] Writing on the wire a packet having 17 bytes before
> [3] 17 bytes after comp + 10 padding bytes = 28 bytes packet
> [3] Encrypting packet with seq num: 3, len: 32
> [3] Sent SSH_MSG_SERVICE_REQUEST (service ssh-userauth)
> [3] Enabling POLLOUT for socket
> [3] Decrypting 16 bytes
> [3] Packet size decrypted: 717271339 (0x2ac0b12b)
> [1] Error : read_packet(): Packet len too high(717271339 2ac0b12b)
> [1] Socket exception callback: 1 (0)
> [1] Error : Socket error: Error 0
> 
> Any other suggestions?
> 
> Thanks very much.
> 
> 
> 
> Anne 张舒菁
> ----
> Vice Minister of UMJI Career Department 上海交大密西根学院 事业部
> Finance of Microsoft Technology Club 上海交大微软俱乐部 财务
> OutGoing Exchange Manager 出境交流部
> AIESEC Shanghai (SJTU)
> Mainland of China
> ----
> Mobile: +86 139 1629 1208
> Email: anneshujing@xxxxxxxxx <mailto:anneshujing@xxxxxxxxx>
> MSN: meantobe997@xxxxxxxxxxx <mailto:meantobe997@xxxxxxxxxxx>
> Skype: luvinganne
> 
> 
> On Thu, Nov 14, 2013 at 12:18 AM, Aris Adamantiadis <aris@xxxxxxxxxxxx
> <mailto:aris@xxxxxxxxxxxx>> wrote:
> 
>     Hi,
> 
>     I do not have solaris 11 x86 to test. Could you increase the verbosity
>     and maybe provide some output from the SSH server ?
> 
>     If you don't have more information, could you do a tcpdump trace and
>     post it on http://www.cloudshark.org/ ?
> 
>     What happens if you change the encryption algorithm to aes128-cbc or
>     3des-cbc ? I believe some encryption algorithm may be broken on solaris.
>     Thanks,
> 
>     Aris
> 
>     Le 13/11/13 23:14, ZhangAnne a écrit :
>     > Hi,
>     >
>     > I am using the user authentication code
>     > from http://api.libssh.org/stable/libssh_tutor_guided_tour.html on
>     > Solaris 11 x86. And I came across following problem during password
>     > authentication:
>     >
>     > [2013/11/13 14:35:57.099342, 1] ssh_connect:  libssh 0.6.0 (c)
>     2003-2010
>     > Aris Adamantiadis (aris@xxxxxxxxxxxx <mailto:aris@xxxxxxxxxxxx>)
>     Distributed under the LGPL, please
>     > refer to COPYING file for information about your rights, using
>     threading
>     > threads_noop
>     > [2013/11/13 14:35:57.116739, 2] ssh_socket_connect:  Nonblocking
>     > connection socket: 7
>     > [2013/11/13 14:35:57.116802, 2] ssh_connect:  Socket connecting, now
>     > waiting for the callbacks to work
>     > [2013/11/13 14:35:57.117023, 1] socket_callback_connected:  Socket
>     > connection callback: 1 (0)
>     > [2013/11/13 14:35:57.118896, 1] ssh_client_connection_callback:  SSH
>     > server banner: SSH-2.0-Sun_SSH_1.5
>     > [2013/11/13 14:35:57.118948, 1] ssh_analyze_banner:  Analyzing banner:
>     > SSH-2.0-Sun_SSH_1.5
>     > [2013/11/13 14:35:57.159941, 2] ssh_packet_dh_reply:  Received
>     > SSH_KEXDH_REPLY
>     > [2013/11/13 14:35:57.160361, 2] ssh_client_dh_reply:
>      SSH_MSG_NEWKEYS sent
>     > [2013/11/13 14:35:57.160392, 2] ssh_packet_newkeys:  Received
>     > SSH_MSG_NEWKEYS
>     > [2013/11/13 14:35:57.160785, 2] ssh_packet_newkeys:  Signature
>     verified
>     > and valid
>     > unknown server.[2013/11/13 14:35:57.246178, 1]
>     > ssh_packet_socket_callback:  read_packet(): Packet len too
>     high(62115112
>     > 3b3cd28)
>     > [2013/11/13 14:35:57.246233, 1] ssh_userauth_request_service:
>      Failed to
>     > request "ssh-userauth" service
>     > Error authenticating with password: read_packet(): Packet len too
>     > high(62115112 3b3cd28)
>     >
>     > It's using socket 7, and I tried to use other socket number
>     > with ssh_options_set(session, SSH_OPTIONS_FD, NULL); but it says
>     > connection time out.
>     >
>     > Any idea packet length is too high while we are doing authentication?
>     >
>     > I can connect to the ssh server on other machines.
>     >
>     > Thanks very much!
> 
>