Re: Packet len too high during authentication
- Subject: Re: Packet len too high during authentication
- From: Anne Zhang <meantobe997@xxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Thu, 21 Nov 2013 13:38:44 -0800
- To: libssh@xxxxxxxxxx

Hi Aris,

The OpenSSL versions I used are above or equal to 0.9.8.
The machine I use is OpenSSL 1.0.0j 10 May 2012.
The ssh server uses OpenSSL 0.9.8o 01 Jun 2010.
I also sshed to a linux server and I encountered the same problem (OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008).

The ciphers available on both servers are:
encryption client->server: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour
encryption server->client: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour

But it seems I cannot set encryption to the last three algorithms (arcfour128,arcfour256,arcfour). libssh will generate an error and use the other algorithm.

Thanks very much,
Anne

On Tue, Nov 19, 2013 at 1:08 AM, Aris Adamantiadis <aris@xxxxxxxxxxxx> wrote:

> Hi Anne,
>
> This looks like a problem we already had on very old openssl with CTR.
> Can you retrieve the version number of OpenSSL used in your system ?
> Do you have the same problem when trying to reach a linux server from
> solaris ?
> What are the other supported ciphers on solaris ? IIRC, they chose to
> break the SSH2 RFC which says 3des-cbc MUST be implemented, on the
> unjustified fear of downgrade attacks.
> If we have the same problem as we had with old openssl & CTR, all we can
> do is blacklist that version of openssl for AES-CTR. (more info
> http://blog.0xbadc0de.be/archives/15 )
>
> Aris
>
> On 19/11/13 01:00, Anne Zhang wrote:
> > Hi Aris,
> >
> > I tried all the encryption algorithms available on Solaris x86:
> > *aes128-ctr,aes192-ctr,aes256-ctr,* but failed at the same place. I also
> > increase the verbose:
> >
> > [2013/11/18 15:55:10.685952, 1] ssh_connect: libssh 0.6.0 (c) 2003-2010 Aris Adamantiadis (aris@xxxxxxxxxxxx) Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_noop
> > [2013/11/18 15:55:10.688099, 2] ssh_socket_connect: Nonblocking connection socket: 7
> > [2013/11/18 15:55:10.688951, 2] ssh_connect: Socket connecting, now waiting for the callbacks to work
> > [2013/11/18 15:55:10.689704, 3] ssh_connect: ssh_connect: Actual timeout : 10000
> > [2013/11/18 15:55:10.730204, 3] ssh_socket_pollcallback: Received POLLOUT in connecting state
> > [2013/11/18 15:55:10.731020, 1] socket_callback_connected: Socket connection callback: 1 (0)
> > [2013/11/18 15:55:10.773358, 3] callback_receive_banner: Received banner: SSH-2.0-Sun_SSH_2.0
> > [2013/11/18 15:55:10.774183, 1] ssh_client_connection_callback: SSH server banner: SSH-2.0-Sun_SSH_2.0
> > [2013/11/18 15:55:10.779641, 1] ssh_analyze_banner: Analyzing banner: SSH-2.0-Sun_SSH_2.0
> > [2013/11/18 15:55:10.780421, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> > [2013/11/18 15:55:10.861191, 3] ssh_packet_socket_callback: packet: read type 20 [len=580,padding=6,comp=573,payload=573]
> > [2013/11/18 15:55:10.861917, 3] ssh_packet_process: Dispatching handler for packet type 20
> > [2013/11/18 15:55:10.864677, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> > [2013/11/18 15:55:10.865624, 3] packet_send2: packet: wrote [len=204,padding=4,comp=199,payload=199]
> > [2013/11/18 15:55:10.867794, 3] packet_send2: packet: wrote [len=268,padding=5,comp=262,payload=262]
> > [2013/11/18 15:55:10.868684, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> > [2013/11/18 15:55:10.968684, 3] ssh_packet_socket_callback: packet: read type 31 [len=828,padding=9,comp=818,payload=818]
> > [2013/11/18 15:55:10.969438, 3] ssh_packet_process: Dispatching handler for packet type 31
> > [2013/11/18 15:55:10.970022, 2] ssh_packet_dh_reply: Received SSH_KEXDH_REPLY
> > [2013/11/18 15:55:10.972619, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> > [2013/11/18 15:55:10.973317, 3] packet_send2: packet: wrote [len=12,padding=10,comp=1,payload=1]
> > [2013/11/18 15:55:10.974083, 2] ssh_client_dh_reply: SSH_MSG_NEWKEYS sent
> > [2013/11/18 15:55:10.974679, 3] ssh_packet_socket_callback: Processing 16 bytes left in socket buffer
> > [2013/11/18 15:55:10.975276, 3] ssh_packet_socket_callback: packet: read type 21 [len=12,padding=10,comp=1,payload=1]
> > [2013/11/18 15:55:10.975895, 3] ssh_packet_process: Dispatching handler for packet type 21
> > [2013/11/18 15:55:10.976527, 2] ssh_packet_newkeys: Received SSH_MSG_NEWKEYS
> > [2013/11/18 15:55:10.977364, 3] crypt_set_algorithms2: Set output algorithm to aes128-ctr
> > [2013/11/18 15:55:10.977961, 3] crypt_set_algorithms2: Set input algorithm to aes128-ctr
> > [2013/11/18 15:55:10.979467, 2] ssh_packet_newkeys: Signature verified and valid
> > [2013/11/18 15:55:10.985355, 3] ssh_connect: ssh_connect: Actual state : 7
> > [2013/11/18 15:55:10.986487, 3] packet_send2: packet: wrote [len=28,padding=10,comp=17,payload=17]
> > [2013/11/18 15:55:10.987108, 3] ssh_service_request: Sent SSH_MSG_SERVICE_REQUEST (service ssh-userauth)
> > [2013/11/18 15:55:10.987842, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> > [2013/11/18 15:55:11.170462, 1] ssh_packet_socket_callback: read_packet(): Packet len too high(1000142574 3b9cf6ee)
> > [2013/11/18 15:55:11.170605, 1] ssh_userauth_request_service: Failed to request "ssh-userauth" service
> > Error authenticating with password: read_packet(): Packet len too high(1000142574 3b9cf6ee)
> > [2013/11/18 15:55:11.171031, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> > [2013/11/18 15:55:11.171119, 3] packet_send2: packet: wrote [len=28,padding=11,comp=16,payload=16]
> >
> > I also tried an earlier version of libssh, and attached verbose here:
> >
> > [1] libssh 0.5.2 (c) 2003-2010 Aris Adamantiadis (aris@xxxxxxxxxxxx) Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_noop
> > [2] Nonblocking connection socket: 7
> > [2] Socket connecting, now waiting for the callbacks to work
> > [3] ssh_connect: Actual timeout : 10000
> > [3] Received POLLOUT in connecting state
> > [1] Socket connection callback: 1 (0)
> > [3] Received banner: SSH-2.0-Sun_SSH_2.0
> > [1] SSH server banner: SSH-2.0-Sun_SSH_2.0
> > [1] Analyzing banner: SSH-2.0-Sun_SSH_2.0
> > [3] Enabling POLLOUT for socket
> > [3] Packet size decrypted: 580 (0x244)
> > [3] Read a 580 bytes packet
> > [3] 6 bytes padding, 579 bytes left in buffer
> > [3] After padding, 573 bytes left in buffer
> > [3] Final size 573
> > [3] Type 20
> > [3] Dispatching handler for packet type 20
> > [3] Writing on the wire a packet having 141 bytes before
> > [3] 141 bytes after comp + 6 padding bytes = 148 bytes packet
> > [3] Enabling POLLOUT for socket
> > [3] Writing on the wire a packet having 133 bytes before
> > [3] 133 bytes after comp + 6 padding bytes = 140 bytes packet
> > [3] Enabling POLLOUT for socket
> > [3] Packet size decrypted: 700 (0x2bc)
> > [3] Read a 700 bytes packet
> > [3] 9 bytes padding, 699 bytes left in buffer
> > [3] After padding, 690 bytes left in buffer
> > [3] Final size 690
> > [3] Type 31
> > [3] Dispatching handler for packet type 31
> > [2] Received SSH_KEXDH_REPLY
> > [3] Writing on the wire a packet having 1 bytes before
> > [3] 1 bytes after comp + 10 padding bytes = 12 bytes packet
> > [3] Enabling POLLOUT for socket
> > [2] SSH_MSG_NEWKEYS sent
> > [3] Processing 16 bytes left in socket buffer
> > [3] Packet size decrypted: 12 (0xc)
> > [3] Read a 12 bytes packet
> > [3] 10 bytes padding, 11 bytes left in buffer
> > [3] After padding, 1 bytes left in buffer
> > [3] Final size 1
> > [3] Type 21
> > [3] Dispatching handler for packet type 21
> > [2] Received SSH_MSG_NEWKEYS
> > [3] Set output algorithm to aes256-ctr
> > [3] Set input algorithm to aes256-ctr
> > [3] ssh_connect: Actual state : 7
> > [3] Writing on the wire a packet having 17 bytes before
> > [3] 17 bytes after comp + 10 padding bytes = 28 bytes packet
> > [3] Encrypting packet with seq num: 3, len: 32
> > [3] Sent SSH_MSG_SERVICE_REQUEST (service ssh-userauth)
> > [3] Enabling POLLOUT for socket
> > [3] Decrypting 16 bytes
> > [3] Packet size decrypted: 717271339 (0x2ac0b12b)
> > [1] Error : read_packet(): Packet len too high(717271339 2ac0b12b)
> > [1] Socket exception callback: 1 (0)
> > [1] Error : Socket error: Error 0
> >
> > Any other suggestions?
> >
> > Thanks very much.
> >
> > Anne 张舒菁
> >
> > On Thu, Nov 14, 2013 at 12:18 AM, Aris Adamantiadis <aris@xxxxxxxxxxxx> wrote:
> >
> > > Hi,
> > >
> > > I do not have solaris 11 x86 to test. Could you increase the verbosity
> > > and maybe provide some output from the SSH server ?
> > >
> > > If you don't have more information, could you do a tcpdump trace and
> > > post it on http://www.cloudshark.org/ ?
> > >
> > > What happens if you change the encryption algorithm to aes128-cbc or
> > > 3des-cbc ? I believe some encryption algorithm may be broken on solaris.
> > >
> > > Thanks,
> > >
> > > Aris
> > >
> > > On 13/11/13 23:14, ZhangAnne wrote:
> > > > Hi,
> > > >
> > > > I am using the user authentication code
> > > > from http://api.libssh.org/stable/libssh_tutor_guided_tour.html on
> > > > Solaris 11 x86. And I came across the following problem during password
> > > > authentication:
> > > >
> > > > [2013/11/13 14:35:57.099342, 1] ssh_connect: libssh 0.6.0 (c) 2003-2010 Aris Adamantiadis (aris@xxxxxxxxxxxx) Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_noop
> > > > [2013/11/13 14:35:57.116739, 2] ssh_socket_connect: Nonblocking connection socket: 7
> > > > [2013/11/13 14:35:57.116802, 2] ssh_connect: Socket connecting, now waiting for the callbacks to work
> > > > [2013/11/13 14:35:57.117023, 1] socket_callback_connected: Socket connection callback: 1 (0)
> > > > [2013/11/13 14:35:57.118896, 1] ssh_client_connection_callback: SSH server banner: SSH-2.0-Sun_SSH_1.5
> > > > [2013/11/13 14:35:57.118948, 1] ssh_analyze_banner: Analyzing banner: SSH-2.0-Sun_SSH_1.5
> > > > [2013/11/13 14:35:57.159941, 2] ssh_packet_dh_reply: Received SSH_KEXDH_REPLY
> > > > [2013/11/13 14:35:57.160361, 2] ssh_client_dh_reply: SSH_MSG_NEWKEYS sent
> > > > [2013/11/13 14:35:57.160392, 2] ssh_packet_newkeys: Received SSH_MSG_NEWKEYS
> > > > [2013/11/13 14:35:57.160785, 2] ssh_packet_newkeys: Signature verified and valid
> > > > unknown server.[2013/11/13 14:35:57.246178, 1] ssh_packet_socket_callback: read_packet(): Packet len too high(62115112 3b3cd28)
> > > > [2013/11/13 14:35:57.246233, 1] ssh_userauth_request_service: Failed to request "ssh-userauth" service
> > > > Error authenticating with password: read_packet(): Packet len too high(62115112 3b3cd28)
> > > >
> > > > It's using socket 7, and I tried to use other socket number
> > > > with ssh_options_set(session, SSH_OPTIONS_FD, NULL); but it says
> > > > connection time out.
> > > >
> > > > Any idea why packet length is too high while we are doing authentication?
> > > >
> > > > I can connect to the ssh server on other machines.
> > > >
> > > > Thanks very much!
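
Every log in this thread fails at the same step: the first block decrypted after SSH_MSG_NEWKEYS yields a 32-bit length far above what the receiver accepts. The sketch below is an added example, not part of the original messages and not libssh's code; it parses that header per RFC 4253 section 6 and applies the sanity checks. The limit `EXAMPLE_MAX_PACKET_LEN`, the function and type names, and the bytes following each length are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed receive limit for this example; libssh's own constant is not shown on the page. */
#define EXAMPLE_MAX_PACKET_LEN (256u * 1024u)

enum hdr_status { HDR_OK, HDR_SHORT, HDR_LEN_TOO_HIGH, HDR_BAD_PADDING, HDR_BAD_ALIGN };

struct ssh_hdr { uint32_t packet_length; uint8_t padding_length; };

/* Parse the start of the first decrypted block of an SSH binary packet
 * (RFC 4253 section 6): uint32 packet_length (big-endian), byte padding_length. */
enum hdr_status parse_first_block(const uint8_t *blk, size_t n, uint32_t block_size,
                                  struct ssh_hdr *out)
{
    if (n < 5)
        return HDR_SHORT;
    if (block_size < 8)
        block_size = 8; /* RFC 4253: cipher block size or 8, whichever is larger */
    out->packet_length = ((uint32_t)blk[0] << 24) | ((uint32_t)blk[1] << 16) |
                         ((uint32_t)blk[2] << 8) | (uint32_t)blk[3];
    out->padding_length = blk[4];
    /* Checked first: a wrong keystream turns this field into an arbitrary 32-bit value. */
    if (out->packet_length > EXAMPLE_MAX_PACKET_LEN)
        return HDR_LEN_TOO_HIGH;
    /* At least 4 bytes of padding, and padding plus its length byte must fit. */
    if (out->padding_length < 4 || (uint32_t)out->padding_length + 1 > out->packet_length)
        return HDR_BAD_PADDING;
    /* The 4-byte length field plus packet_length must fill whole cipher blocks. */
    if ((out->packet_length + 4) % block_size != 0)
        return HDR_BAD_ALIGN;
    return HDR_OK;
}

/* Length bytes are the three hex values from the logs; the trailing byte is constructed. */
static const uint8_t from_logs[3][5] = {
    {0x03, 0xb3, 0xcd, 0x28, 0x5a}, {0x3b, 0x9c, 0xf6, 0xee, 0x5a}, {0x2a, 0xc0, 0xb1, 0x2b, 0x5a}};
/* Constructed well-formed header matching "len=28,padding=10" in the same logs. */
static const uint8_t good_hdr[5] = {0x00, 0x00, 0x00, 0x1c, 0x0a};

int main(void)
{
    struct ssh_hdr h;
    for (int i = 0; i < 3; i++) {
        enum hdr_status st = parse_first_block(from_logs[i], 5, 16, &h);
        printf("status=%d len=%u (%x)\n", st, (unsigned)h.packet_length, (unsigned)h.packet_length);
    }
    printf("good: status=%d\n", parse_first_block(good_hdr, 5, 16, &h));
    return 0;
}
```

Because the length field is itself encrypted, this check is where a cipher-state mismatch between client and server first becomes visible, which is why the error appears on the first packet after the key switch rather than during key exchange.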