[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK


Hi Charles,

Thanks for your bug report. It looks like 3des support is partially
supported in the headers and we end up with a build that advertise a
cipher that's not supported (but should be ?) I don't understand why
libssh didn't try to negotiate an AES mode.
Could you tell us which compiler you used and which windows version? Did
you use a git version or the tarball on the website?

Thanks,

Aris

Le 13/05/15 16:23, Charles@Hinet a écrit :
>
> Hello,
>
>  
>
> I’ve using 0.6.5 (with openssl 0.9.8zc) on Windows platform.
>
> And, works fine.
>
>  
>
> When I upgrade libssh to 0.7.0 (with same openssl 0.9.8zc) I got the
> following error message
>
>     crypt_set_algorithms2: crypt_set_algorithms2: no crypto algorithm
> function found for 3des-cbc
>
>  
>
> Below was the log message from libssh 0.6.5 & 0.7.0, could you help me
> solve this problem?
>
>  
>
> ===== Log from 0.6.5 ===========
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: kex algos:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: server host key
> algo: ssh-dss
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> client->server:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> server->client:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> client->server:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> server->client:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> client->server: none,zlib
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> server->client: none,zlib
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
> 172.16.210.28:0 has ssh-dss in known_hosts
>
> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
> 172.16.210.28:0 has ssh-dss in known_hosts
>
> (Wed May 13 17:11:57 2015):[394536] ssh_knownhosts_algorithms: server
> 172.16.210.28:0 has ssh-dss in known_hosts
>
> (Wed May 13 17:11:57 2015):[394536] ssh_client_select_hostkeys:
> Changing host key method to "ssh-dss"
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: kex algos:
> curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: server host key
> algo: ssh-dss
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> client->server:
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,des-cbc-ssh1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: encryption
> server->client:
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,des-cbc-ssh1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> client->server: hmac-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: mac algo
> server->client: hmac-sha1
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> client->server: none
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: compression algo
> server->client: none
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 17:11:57 2015):[394536] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 17:11:57 2015):[394536] packet_send2: packet: wrote
> [len=404,padding=6,comp=397,payload=397]
>
> (Wed May 13 17:11:57 2015):[394536] packet_send2: packet: wrote
> [len=268,padding=5,comp=262,payload=262]
>
> (Wed May 13 17:11:57 2015):[394536] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 17:11:57 2015):[394536] ssh_packet_socket_callback:
> packet: read type 31 [len=764,padding=5,comp=758,payload=758]
>
> (Wed May 13 17:11:57 2015):[394536] ssh_packet_process: Dispatching
> handler for packet type 31
>
> (Wed May 13 17:11:57 2015):[394536] ssh_packet_dh_reply: Received
> SSH_KEXDH_REPLY
>
>  
>
>  
>
> ===== Log from 0.7.0 ========
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: kex algos:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: server host key
> algo: ssh-dss
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> client->server:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> server->client:
> aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour,cast128-cbc,aes256-ctr,twofish256-ctr,twofish-ctr,aes128-ctr,twofish128-ctr,blowfish-ctr,3des-ctr,cast128-ctr
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> client->server:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> server->client:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5,hmac-sha1-96,hmac-md5-96
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> client->server: none,zlib
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> server->client: none,zlib
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: kex algos:
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: server host key
> algo: ssh-ed25519,ssh-rsa,ssh-dss
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> client->server: 3des-cbc
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: encryption
> server->client: 3des-cbc
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> client->server: hmac-sha1,hmac-sha2-256,hmac-sha2-512
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: mac algo
> server->client: hmac-sha1,hmac-sha2-256,hmac-sha2-512
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> client->server: none
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: compression algo
> server->client: none
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> client->server:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_list_kex: languages
> server->client:
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote
> [len=252,padding=10,comp=241,payload=241]
>
> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote
> [len=268,padding=6,comp=261,payload=261]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
> packet: read type 31 [len=764,padding=6,comp=757,payload=757]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_process: Dispatching
> handler for packet type 31
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_dh_reply: Received
> SSH_KEXDH_REPLY
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_socket_unbuffered_write:
> Enabling POLLOUT for socket
>
> (Wed May 13 14:15:53 2015):[6947732] packet_send2: packet: wrote
> [len=12,padding=10,comp=1,payload=1]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_client_dh_reply:
> SSH_MSG_NEWKEYS sent
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
> Processing 16 bytes left in socket buffer
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_socket_callback:
> packet: read type 21 [len=12,padding=10,comp=1,payload=1]
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_process: Dispatching
> handler for packet type 21
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_packet_newkeys: Received
> SSH_MSG_NEWKEYS
>
> (Wed May 13 14:15:53 2015):[6947732] crypt_set_algorithms2:
> crypt_set_algorithms2: no crypto algorithm function found for 3des-cbc
>
> (Wed May 13 14:15:53 2015):[6947732] ssh_connect: current state : 9
>


Follow-Ups:
RE: libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
References:
libssh 0.7.0 ssh_connect() failed but 0.6.5 was OK"Charles@Hinet" <cylee@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org