[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Seeking guidance on the proxy example program

Subject: Seeking guidance on the proxy example program
From: Karl Scott <karlscottbg@xxxxxxxxx>
Reply-to: libssh@xxxxxxxxxx
Date: Sun, 13 Sep 2015 15:36:14 -0700
To: libssh@xxxxxxxxxx
Hello folks,

I'm new to libssh, and ultimately I'd like to implement my own SSH proxy. I
followed all the instructions, including building and running the
"samplessh" program on Linux Mint 17.1. I was able to SSH into my server
using this first example program.

But, I'm currently trying to run the "proxy" example, but I am having some
trouble. The error I get is: "Sorry, but you do not have forwardable
tickets. Try again with -K". I of course did try to run ssh with the -K
flag, but that didn't seem to work.

Here is the output from running the proxy example -- I have removed my own
debug prints. I will post the result of SSHing in below.

*kscott@comp ~/Downloads/libssh-0.7.1/build/examples $ sudo ./proxy
--rsakey=id_rsa -p 22 localhost --verbose*
[sudo] password for kscott:
[2015/09/11 18:18:22.580909, 3] ssh_socket_pollcallback:  Received POLLOUT
in connecting state
[2015/09/11 18:18:22.580981, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:22.581021, 3] callback_receive_banner:  Received banner:
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
[2015/09/11 18:18:22.581033, 1] ssh_server_connection_callback:  SSH client
banner: SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
[2015/09/11 18:18:22.581041, 1] ssh_analyze_banner:  Analyzing banner:
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3
[2015/09/11 18:18:22.581053, 1] ssh_analyze_banner:  We are talking to an
OpenSSH client version: 6.6 (60600)
[2015/09/11 18:18:22.581088, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:22.581096, 3] packet_send2:  packet: wrote
[len=508,padding=10,comp=497,payload=497]
[2015/09/11 18:18:22.581351, 3] ssh_packet_socket_callback:  packet: read
type 20 [len=1964,padding=8,comp=1955,payload=1955]
[2015/09/11 18:18:22.581361, 3] ssh_packet_process:  Dispatching handler
for packet type 20
[2015/09/11 18:18:22.581404, 3] crypt_set_algorithms_server:  Set output
algorithm aes128-ctr
[2015/09/11 18:18:22.581412, 3] crypt_set_algorithms_server:  Set input
algorithm aes128-ctr
[2015/09/11 18:18:22.581418, 3] crypt_set_algorithms_server:  Set HMAC
output algorithm to hmac-sha1
[2015/09/11 18:18:22.581425, 3] crypt_set_algorithms_server:  Set HMAC
input algorithm to hmac-sha1
[2015/09/11 18:18:22.586281, 3] ssh_packet_socket_callback:  packet: read
type 30 [len=44,padding=6,comp=37,payload=37]
[2015/09/11 18:18:22.586291, 3] ssh_packet_process:  Dispatching handler
for packet type 30
[2015/09/11 18:18:22.586297, 3] ssh_packet_kexdh_init:  Received
SSH_MSG_KEXDH_INIT
[2015/09/11 18:18:22.618316, 2] ssh_server_curve25519_init:
SSH_MSG_KEX_ECDH_REPLY sent
[2015/09/11 18:18:22.618355, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:22.618374, 3] packet_send2:  packet: wrote
[len=604,padding=8,comp=595,payload=595]
[2015/09/11 18:18:22.618399, 3] packet_send2:  packet: wrote
[len=12,padding=10,comp=1,payload=1]
[2015/09/11 18:18:22.618414, 2] ssh_server_curve25519_init:
SSH_MSG_NEWKEYS sent
[2015/09/11 18:18:22.618433, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:22.623542, 3] ssh_packet_socket_callback:  packet: read
type 21 [len=12,padding=10,comp=1,payload=1]
[2015/09/11 18:18:22.623712, 3] ssh_packet_process:  Dispatching handler
for packet type 21
[2015/09/11 18:18:22.623734, 2] ssh_packet_newkeys:  Received
SSH_MSG_NEWKEYS
[2015/09/11 18:18:22.623770, 3] ssh_handle_key_exchange:
ssh_handle_key_exchange: current state : 7
[2015/09/11 18:18:22.623831, 3] ssh_packet_socket_callback:  packet: read
type 5 [len=28,padding=10,comp=17,payload=17]
[2015/09/11 18:18:22.623851, 3] ssh_packet_process:  Dispatching handler
for packet type 5
[2015/09/11 18:18:22.623871, 3] ssh_packet_service_request:  Received a
SERVICE_REQUEST for service ssh-userauth
[2015/09/11 18:18:22.623898, 3] ssh_message_service_reply_success:  Sending
a SERVICE_ACCEPT for service ssh-userauth
[2015/09/11 18:18:22.623935, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:22.623964, 3] packet_send2:  packet: wrote
[len=28,padding=10,comp=17,payload=17]
[2015/09/11 18:18:22.624048, 3] ssh_packet_socket_callback:  packet: read
type 50 [len=44,padding=6,comp=37,payload=37]
[2015/09/11 18:18:22.624069, 3] ssh_packet_process:  Dispatching handler
for packet type 50
[2015/09/11 18:18:22.624089, 3] ssh_packet_userauth_request:  Auth request
for service ssh-connection, method none for user 'myuser'
[2015/09/11 18:18:22.624114, 3] ssh_auth_reply_default:  Sending a auth
failure. methods that can continue: gssapi-with-mic,password
[2015/09/11 18:18:22.624154, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:22.624180, 3] packet_send2:  packet: wrote
[len=44,padding=13,comp=30,payload=30]
[2015/09/11 18:18:30.952250, 3] ssh_packet_socket_callback:  packet: read
type 50 [len=124,padding=67,comp=56,payload=56]
[2015/09/11 18:18:30.952276, 3] ssh_packet_process:  Dispatching handler
for packet type 50
[2015/09/11 18:18:30.952284, 3] ssh_packet_userauth_request:  Auth request
for service ssh-connection, method password for user 'myuser'
Authenticating user myuser pwd mypassword
Authenticated
[2015/09/11 18:18:30.952327, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:30.952335, 3] packet_send2:  packet: wrote
[len=12,padding=10,comp=1,payload=1]
[2015/09/11 18:18:30.952461, 3] ssh_packet_socket_callback:  packet: read
type 90 [len=44,padding=19,comp=24,payload=24]
[2015/09/11 18:18:30.952471, 3] ssh_packet_process:  Dispatching handler
for packet type 90
[2015/09/11 18:18:30.952478, 3] ssh_packet_channel_open:  Clients wants to
open a session channel
Allocated session channel
[2015/09/11 18:18:30.952494, 3]
ssh_message_channel_request_open_reply_accept_channel:  Accepting a channel
request_open for chan 0
[2015/09/11 18:18:30.952515, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
[2015/09/11 18:18:30.952523, 3] packet_send2:  packet: wrote
[len=28,padding=10,comp=17,payload=17]
Authenticated and got a channel
[2015/09/11 18:18:30.952546, 3] packet_send2:  packet: wrote
[len=92,padding=15,comp=76,payload=76]
[2015/09/11 18:18:30.952554, 3] channel_write_common:  channel_write wrote
67 bytes
[2015/09/11 18:18:30.952564, 3] ssh_socket_unbuffered_write:  Enabling
POLLOUT for socket
*Sorry, but you do not have forwardable tickets. Try again with -K*
[2015/09/11 18:18:30.952581, 3] packet_send2:  packet: wrote
[len=28,padding=11,comp=16,payload=16]
kscott@comp ~/Downloads/libssh-0.7.1/build/examples $


So, the above is the output that shows up when I try to SSH in like so:

*kscott@comp ~/Downloads/libssh-0.7.1/build/examples $ ssh  -k
myuser@localhost*
myuser@localhost's password:
*Sorry, but you do not have forwardable tickets. Try again with -K*
Connection to localhost closed by remote host.
Connection to localhost closed.
kscott@comp ~/Downloads/libssh-0.7.1/build/examples $

I have also tried it without the -K flag, but no no avail. I looked through
the code and it looks like the callback to set the client_creds never
happens in the course of the proxy example -- this is related to the gssapi
somehow, but I'm not entirely sure.

Does anyone have any ideas here? I'm just trying to get the base example
working to get started.

Thank you very much,

Karl
Follow-Ups:
Re: Seeking guidance on the proxy example program	Andreas Schneider <asn@xxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org