Fwd: ssh_connect fails: Received SSH_MSG_DISCONNECT 33554432:bad client public DH value
- Subject: Fwd: ssh_connect fails: Received SSH_MSG_DISCONNECT 33554432:bad client public DH value
- From: Zvi Vered <veredz72@xxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Sun, 4 May 2014 21:06:10 +0300
- To: libssh@xxxxxxxxxx
Dear Members,

The cause of the problem is the code:

#if defined(OPENSSL_SYS_VXWORKS)
int RAND_poll(void)
{
    return 0;
}
#endif

in openssl-0.9.8e/crypto/rand/rand_unix.c

I replaced this code with the code used for OpenBSD:

#if defined(OPENSSL_SYS_VXWORKS)
int RAND_poll(void)
{
    u_int32_t rnd = 0, i;
    unsigned char buf[ENTROPY_NEEDED];

    for (i = 0; i < sizeof(buf); i++) {
        if (i % 4 == 0)
            rnd = rand();
        buf[i] = rnd;
        rnd >>= 8;
    }
    RAND_add(buf, sizeof(buf), ENTROPY_NEEDED);
    memset(buf, 0, sizeof(buf));

    return 1;
}
#endif

I replaced 'arc4random' in the original code with 'rand'.
There is no 'arc4random' in vxWorks.

Do you think my solution is OK ?
Now, the ssh_connect is working fine.

Thanks,
Zvika

---------- Forwarded message ----------
From: Zvi Vered <veredz72@xxxxxxxxx>
Date: Thu, May 1, 2014 at 7:42 PM
Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT 33554432:bad client public DH value
To: libssh@xxxxxxxxxx

Hi Aris,

I did not do any changes in libssl.
Can you point to the exact code in libssl where random numbers are created ?
I will ask Windriver how to port this code to vxWorks.

Thanks,
Zvika

-----Original Message----- From: Aris Adamantiadis
Sent: Wednesday, April 30, 2014 11:14 PM
To: libssh@xxxxxxxxxx
Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT 33554432:bad client public DH value

Zvi,

Please tell me the random in libssh/openssl doesn't come out of rand().
This function is highly insecure and should not be used for cryptography.
There are two acceptable ways of generating random, one of them is a
/dev/?random device, the other is an EGD (entropy gathering daemon).

The 1024 bits integer is a bignum. It is generated by the libcrypto library.
I don't understand why the generated number is zero. Did you modify
libcrypto/libssl ? Does openssh run normally ?

Aris

On 29/04/14 23:18, Zvi Vered wrote:
> Hi Aris,
>
> vxWorks has no /dev/random or /dev/urandom.
> But it does have the function: int rand ()
>
> Can you tell what routine generates the "public part of the DH
> handshake " ?
> What is the "1024 bits long integer" ? Is it a struct ?
> What is PRNG ? Is it calculated in "pki_key_dup" ?
>
> Thank you for your help !
> Zvika
>
> -----Original Message----- From: Aris Adamantiadis
> Sent: Tuesday, April 29, 2014 11:01 PM
> To: libssh@xxxxxxxxxx
> Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT
> 33554432:bad client public DH value
>
> Hi,
>
> Your capture tells me that the public part of the DH handshake generated
> by client is invalid (it is equal to 1 when it should be a 1024 bits
> long integer). I have no idea how that could happen. It is possible that
> the PRNG returns 0 and so the g^x ends up being 1.
> But this is not consistent with the random cookie looking random. Does
> VXWork have a /dev/random or /dev/urandom device ?
>
> Aris
>
> On 27/04/14 16:07, Zvi Vered wrote:
>
>> Hi Aris,
>>
>> Attached the cap file as saved with Wireshark.
>>
>> I hope this is the right cap format.
>>
>> Can you understand why the server sends a "disconnect" ?
>>
>> The client is: 128.172.5.22
>> The server is: 128.172.82.55
>>
>> Thanks,
>> Zvika
>>
>> -----Original Message----- From: Aris Adamantiadis
>> Sent: Thursday, April 24, 2014 11:57 PM
>> To: libssh@xxxxxxxxxx
>> Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT
>> 33554432:bad client public DH value
>>
>> Please upload your .cap to cloudshark.org or attach it to the email, I
>> can't help without seeing the content of packets.
>>
>> Aris
>> On 24/04/14 22:46, Zvi Vered wrote:
>>
>>> Hi Aris,
>>>
>>> Is it possible to upload files ?
>>>
>>> Attached a snapshot from wireshark.
>>> It starts from the ARP request the client sends till "Server:
>>> Disconnect".
>>>
>>> Thanks,
>>> Zvika
>>>
>>> -----Original Message----- From: Aris Adamantiadis
>>> Sent: Thursday, April 24, 2014 10:52 PM
>>> To: libssh@xxxxxxxxxx
>>> Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT
>>> 33554432:bad client public DH value
>>>
>>> Can you please record a tcpdump capture with tcpdump or wireshark and
>>> post it on cloudshark ? This happens pre-encryption.
>>>
>>> Aris
>>> On 24/04/14 21:45, Zvi Vered wrote:
>>>
>>>> Hi Aris,
>>>>
>>>> It happens every time.
>>>>
>>>> Thanks,
>>>> Zvika
>>>>
>>>> -----Original Message----- From: Aris Adamantiadis
>>>> Sent: Thursday, April 24, 2014 9:23 PM
>>>> To: libssh@xxxxxxxxxx
>>>> Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT
>>>> 33554432:bad client public DH value
>>>>
>>>> Hi,
>>>>
>>>> Does it happen every time you connect or only sometimes ? It's very
>>>> strange.
>>>>
>>>> Aris
>>>> On 24/04/14 20:14, Zvi Vered wrote:
>>>>
>>>>> Dear Members,
>>>>>
>>>>> I ported libssh-0.6.3 and openssl-1.0.1g to vxWorks 6.9.2 (with very
>>>>> few code changes).
>>>>>
>>>>> Upon ssh_connect I got the messages listed below.
>>>>>
>>>>> As you can see the connection fails and the final message is:
>>>>>
>>>>> ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT
>>>>> 33554432:bad client public DH value
>>>>>
>>>>> On the server side (running under RHEL 5.3) I got the following
>>>>> messages in /var/log/secure:
>>>>>
>>>>> expecting SSH2_MSG_KEXDH_INIT
>>>>> invalid public DH value (1 / 2048)
>>>>> Disconnecting: bad client public DH value
>>>>>
>>>>> What can cause this problem ?
>>>>>
>>>>> Thanks,
>>>>> Zvika
>>>>>
>>>>> ------------------------------------------------------------
>>>>> ------------------------------------------------------------
>>>>> ------------------------------------------------------------
>>>>> -------------
>>>>>
>>>>> -> [1970/01/01 00:00:00.000000, 1] ssh_connect: libssh 0.6.3 (c)
>>>>> 2003-2014 Aris Adamantiadis, Andreas Schneider, and libssh
>>>>> contributors. Distributed under the LGPL, please refer to COPYING
>>>>> file
>>>>> for information about your rights, using threading threads_noop
>>>>> [1970/01/01 00:00:00.000064, 3] getai: host 128.172.82.55 matches an
>>>>> IP address
>>>>> [1970/01/01 00:00:00.000000, 2] ssh_socket_connect: Nonblocking
>>>>> connection socket: 6
>>>>> [1970/01/01 00:00:00.808925489, 2] ssh_connect: Socket connecting,
>>>>> now
>>>>> waiting for the callbacks to work
>>>>> [1974/09/05 19:44:04.145667616, 3] ssh_connect: ssh_connect: Actual
>>>>> timeout : 10000
>>>>> [2097/01/10 06:02:22.-286331154, 3] ssh_socket_pollcallback: Received
>>>>> POLLOUT in connecting state
>>>>> [2097/01/10 06:02:22.139554400, 1] socket_callback_connected: Socket
>>>>> connection callback: 1 (0)
>>>>> [1970/02/21 20:18:44.139848112, 3] callback_receive_banner: Received
>>>>> banner: SSH-2.0-OpenSSH_4.3
>>>>> [1974/09/05 19:43:04.000019, 1] ssh_client_connection_callback: SSH
>>>>> server banner: SSH-2.0-OpenSSH_4.3
>>>>> [1970/01/01 00:00:00.000000, 1] ssh_analyze_banner: Analyzing banner:
>>>>> SSH-2.0-OpenSSH_4.3
>>>>> [1974/06/07 14:41:52.147642244, 1] ssh_analyze_banner: We are talking
>>>>> to an OpenSSH client version: 4.3 (40300)
>>>>> [1970/01/01 00:00:00.000000, 3] ssh_socket_unbuffered_write: Enabling
>>>>> POLLOUT for socket
>>>>> [1970/01/01 00:17:04.131080, 3] ssh_packet_socket_callback: packet:
>>>>> read type 20 [len=700,padding=7,comp=692,payload=692]
>>>>> [1974/08/13 22:00:40.145663148, 3] ssh_packet_process: Dispatching
>>>>> handler for packet type 20
>>>>> [1970/02/23 18:37:26.147642212, 4] ssh_list_kex: kex algos:
>>>>> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-
>>>>> sha1,diffie-hellman-group1-sha1
>>>>>
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: server host key
>>>>> algo:
>>>>> ssh-rsa,ssh-dss
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: encryption
>>>>> client->server:
>>>>> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
>>>>> arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@xxxxxxxxxxxxxx
>>>>> ,aes128-ctr,aes192-ctr,aes256-ctr
>>>>>
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: encryption
>>>>> server->client:
>>>>> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
>>>>> arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@xxxxxxxxxxxxxx
>>>>> ,aes128-ctr,aes192-ctr,aes256-ctr
>>>>>
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: mac algo
>>>>> client->server:
>>>>> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx
>>>>> ,hmac-sha1-96,hmac-md5-96
>>>>>
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: mac algo
>>>>> server->client:
>>>>> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx
>>>>> ,hmac-sha1-96,hmac-md5-96
>>>>>
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: compression algo
>>>>> client->server: none,zlib@xxxxxxxxxxx
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: compression algo
>>>>> server->client: none,zlib@xxxxxxxxxxx
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: languages
>>>>> client->server:
>>>>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: languages
>>>>> server->client:
>>>>> [1970/01/01 00:00:00.000000, 4] ssh_list_kex: kex algos:
>>>>> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: server host key algo:
>>>>> ssh-rsa,ssh-dss
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: encryption
>>>>> client->server:
>>>>> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,
>>>>> aes128-cbc,blowfish-cbc,3des-cbc,des-cbc-ssh1
>>>>>
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: encryption
>>>>> server->client:
>>>>> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,
>>>>> aes128-cbc,blowfish-cbc,3des-cbc,des-cbc-ssh1
>>>>>
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: mac algo
>>>>> client->server:
>>>>> hmac-sha1
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: mac algo
>>>>> server->client:
>>>>> hmac-sha1
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: compression algo
>>>>> client->server: none
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: compression algo
>>>>> server->client: none
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: languages
>>>>> client->server:
>>>>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: languages
>>>>> server->client:
>>>>> [1974/08/13 21:36:36.000000, 3] packet_send2: packet: wrote
>>>>> [len=364,padding=6,comp=357,payload=357]
>>>>> [1974/08/13 21:55:44.145662852, 3] packet_send2: packet: wrote
>>>>> [len=12,padding=5,comp=6,payload=6]
>>>>> [1970/01/01 00:00:00.000000, 3] ssh_socket_unbuffered_write: Enabling
>>>>> POLLOUT for socket
>>>>> [1970/01/01 00:17:04.131080, 3] ssh_packet_socket_callback: packet:
>>>>> read type 1 [len=44,padding=4,comp=39,payload=39]
>>>>> [1974/08/13 22:00:40.145663148, 3] ssh_packet_process: Dispatching
>>>>> handler for packet type 1
>>>>> [1970/01/01 00:00:00.000000, 3] ssh_packet_disconnect_callback:
>>>>> Received SSH_MSG_DISCONNECT 33554432:bad client public DH value
>>>>> [1970/01/01 00:00:16.139880016, 1] ssh_packet_disconnect_callback:
>>>>> Received SSH_MSG_DISCONNECT: 33554432:bad client public DH value
>>>>> [1974/08/13 23:13:32.145667616, 3] ssh_connect: ssh_connect: Actual
>>>>> state : 9
>>>>> ssh_connect failed: Received SSH_MSG_DISCONNECT: 33554432:bad client
>>>>> public DH value
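
Added example, not part of the thread and not code from libssh, OpenSSL or OpenSSH: a toy model of the failure discussed above. It shows that a private exponent of 0 yields the public value 1 that the server rejected, and that an entropy buffer filled from rand() passes the same range check while being identical on every boot that starts from the same rand() state. The 31-bit group, ENTROPY_BYTES, dh_public_ok and public_after_boot are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define ENTROPY_BYTES 32u        /* assumed stand-in for ENTROPY_NEEDED */
#define TOY_P 2147483647ull      /* constructed toy modulus: 2^31 - 1, prime */
#define TOY_G 7ull               /* generator of the toy group */

/* Fill loop as posted: each rand() result supplies up to four bytes. */
static void fill_from_rand(unsigned seed, unsigned char *buf, size_t len) {
    unsigned rnd = 0;
    srand(seed);                 /* seed 1 is the same as never calling srand() */
    for (size_t i = 0; i < len; i++) {
        if (i % 4 == 0) rnd = (unsigned)rand();
        buf[i] = (unsigned char)rnd;
        rnd >>= 8;
    }
}

/* Square-and-multiply; operands stay below 2^31, so products fit in 64 bits. */
uint64_t modexp(uint64_t g, uint64_t x, uint64_t p) {
    uint64_t r = 1;
    for (g %= p; x != 0; x >>= 1) {
        if (x & 1) r = r * g % p;
        g = g * g % p;
    }
    return r;
}

/* Receiver-side range check (assumed form): accept only 1 < e < p - 1. */
int dh_public_ok(uint64_t e, uint64_t p) { return e > 1 && e < p - 1; }

/* Toy client: private exponent x taken from the "entropy" buffer, e = g^x mod p. */
uint64_t public_after_boot(unsigned seed) {
    unsigned char buf[ENTROPY_BYTES];
    fill_from_rand(seed, buf, sizeof buf);
    uint64_t v = buf[0] | (uint64_t)buf[1] << 8 | (uint64_t)buf[2] << 16 | (uint64_t)buf[3] << 24;
    return modexp(TOY_G, 2 + v % (TOY_P - 3), TOY_P);
}

int main(void) {
    uint64_t unseeded = modexp(TOY_G, 0, TOY_P);   /* PRNG yields x = 0, so e = 1 */
    uint64_t a = public_after_boot(1), b = public_after_boot(1);
    /* exit 0 only if e = 1 is rejected, the rand()-seeded value is accepted, and both boots agree */
    return !(!dh_public_ok(unseeded, TOY_P) && dh_public_ok(a, TOY_P) && a == b);
}
```

The range check catches the unseeded case only; a handshake that succeeds after seeding from rand() says nothing about whether the key is unpredictable, which is why the reply in the thread asks for a /dev/?random device or an EGD instead.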