Re: Can't connect with some clients

[Jakub Jelen <jjelen@xxxxxxxxxx>]

On 1/13/21 5:13 PM, Emiliano Gonzalez wrote:
> Solved!!!
> I'm using mbedcrypto and do not have ChaCha20-Poly1305. Disabling this 
> cypher works ok.
> But it is allowed to enable in this situation ChaCha20 and 
> cipher->max_blocks = ((uint64_t)1 << 30) / cipher->blocksize crash with 
> division by zero.
> Shouldn't this situation be controlled? It is not an error?

There were couple of bugs in chacha20-poly1350 implementation that 
should be fixed with the following PR:

https://gitlab.com/libssh/libssh-mirror/-/merge_requests/150

Can you check that the PR solves the for you?

Jakub

> El mié, 13 de ene. de 2021 a la(s) 07:58, Jakub Jelen (jjelen@xxxxxxxxxx 
> <mailto:jjelen@xxxxxxxxxx>) escribió:
>
>     On 1/12/21 4:09 PM, Emiliano Gonzalez wrote:
>      > I have a ssh server.
>      >
>      > When I connect with the client on Fedora 32 ssh there are no
>     problems.
>      >
>      > With PuTTY: Release 0.74 I can't connect with error: Couldn't
>     agree a
>      > host key algorithm (available: rsa-sha2-512, rsa-sha2-256)
>
>     That sounds like an issue of PuTTY, that it can not use the RSA SHA2
>     hostkey algorithms from RFC8332.
>
>     As a workaround, you can configure your server with different hostkeys
>     (ed25519) so incompatible clients can connect too.
>
>      >  From Centos 7 ssh server crash. In packet.c (line 1862):
>      >
>      > |/* For smaller blocks use limit of 1 GB as recommended in
>     RFC4253 */
>      > cipher->max_blocks = ((uint64_t)1 << 30) / cipher->blocksize; |
>      >
>      > cipher->blocksize is 0;
>
>     What cipher is used for this connection? There is no cipher that would
>     have blocksize == 0.
>
>     Can you get a debug log?
>
>     Regards,
>     -- 
>     Jakub Jelen
>     Senior Software Engineer
>     Crypto Team, Security Engineering
>     Red Hat, Inc.


--
Jakub Jelen
Senior Software Engineer
Crypto Team, Security Engineering
Red Hat, Inc.