[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Socket error: disconnected, Socket error: No error


Hi Yanis

the server obviously disconnects you after two failed login attempts
(ssh_userauth_none and ssh_userauth_password). Since you do not perform
any kind of error checking, you blindly continue with
ssh_userauth_kbdint which also fails because you are already
disconnected at this point ("Socket error: No error").

Calling ssh_userauth_none is normally used to fetch the list of
authentication methods supported by the server if you don't know them
beforehand. This list can be retrieved with ssh_userauth_list
afterwards. You should only attempt authentication methods which are in
this list (i.e. enabled on the server side).

Have a look at the authentication tutorial and the functions' return
codes to see how to properly deal with errors (checking for
!=SSH_AUTH_SUCCESS is not sufficient):
http://api.libssh.org/master/libssh_tutor_authentication.html

Regards,
Tilo

Am 26.09.2017 um 18:12 schrieb Yanis Kurganov:
> Hi!
> 
> I got a strange libssh error.
> 
> if (ssh_userauth_none(m_Session, nullptr) != SSH_AUTH_SUCCESS)
> {
> if (ssh_userauth_password(m_Session, nullptr,
> m_Settings->Password().c_str()) != SSH_AUTH_SUCCESS)
>   {
>       while ((code = ssh_userauth_kbdint(m_Session, nullptr, nullptr))
> == SSH_AUTH_INFO)
>       .....
>   }
> }
> 
> ssh_connect: libssh 0.7.5 (c) 2003-2014 Aris Adamantiadis, Andreas
> Schneider, and libssh contributors. Distributed under the LGPL, please
> refer to COPYING file for information about your rights, using threading
> threads_noop
> getai: host 10.67.41.242 matches an IP address
> ssh_socket_connect: Nonblocking connection socket: 1336
> ssh_connect: Socket connecting, now waiting for the callbacks to work
> ssh_connect: Actual timeout : 60000
> ssh_socket_pollcallback: Received POLLOUT in connecting state
> socket_callback_connected: Socket connection callback: 1 (0)
> callback_receive_banner: Received banner:
> SSH-2.0-OpenSSH_7.3p1+sftpfilecontrol-v1.3-hpn14v11
> ssh_client_connection_callback: SSH server banner:
> SSH-2.0-OpenSSH_7.3p1+sftpfilecontrol-v1.3-hpn14v11
> ssh_analyze_banner: Analyzing banner:
> SSH-2.0-OpenSSH_7.3p1+sftpfilecontrol-v1.3-hpn14v11
> ssh_analyze_banner: We are talking to an OpenSSH client version: 7.3 (70300)
> ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> ssh_packet_socket_callback: packet: read type 20
> [len=988,padding=4,comp=983,payload=983]
> ssh_packet_process: Dispatching handler for packet type 20
> ssh_list_kex: kex algos: curve25519-sha256@xxxxxxxxxx
> <mailto:curve25519-sha256@xxxxxxxxxx>,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
> ssh_list_kex: server host key algo:
> ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
> ssh_list_kex: encryption client->server:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
> ssh_list_kex: encryption server->client:
> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
> ssh_list_kex: mac algo client->server: umac-64-etm@xxxxxxxxxxx
> <mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx
> <mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx
> <mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx
> <mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx
> <mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64@xxxxxxxxxxx
> <mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx
> <mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> ssh_list_kex: mac algo server->client: umac-64-etm@xxxxxxxxxxx
> <mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx
> <mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx
> <mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx
> <mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx
> <mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64@xxxxxxxxxxx
> <mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx
> <mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-sha1
> ssh_list_kex: compression algo client->server: none,zlib@xxxxxxxxxxx
> <mailto:zlib@xxxxxxxxxxx>
> ssh_list_kex: compression algo server->client: none,zlib@xxxxxxxxxxx
> <mailto:zlib@xxxxxxxxxxx>
> ssh_list_kex: languages client->server: 
> ssh_list_kex: languages server->client: 
> ssh_list_kex: kex algos: curve25519-sha256@xxxxxxxxxx
> <mailto:curve25519-sha256@xxxxxxxxxx>,ecdh-sha2-nistp256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> ssh_list_kex: server host key algo:
> ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss
> ssh_list_kex: encryption client->server:
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
> ssh_list_kex: encryption server->client:
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
> ssh_list_kex: mac algo client->server: hmac-sha2-256,hmac-sha2-512,hmac-sha1
> ssh_list_kex: mac algo server->client: hmac-sha2-256,hmac-sha2-512,hmac-sha1
> ssh_list_kex: compression algo client->server: none
> ssh_list_kex: compression algo server->client: none
> ssh_list_kex: languages client->server: 
> ssh_list_kex: languages server->client: 
> ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> packet_send2: packet: wrote [len=588,padding=8,comp=579,payload=579]
> packet_send2: packet: wrote [len=44,padding=6,comp=37,payload=37]
> ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> ssh_packet_socket_callback: packet: read type 31
> [len=188,padding=8,comp=179,payload=179]
> ssh_packet_process: Dispatching handler for packet type 31
> ssh_packet_dh_reply: Received SSH_MSG_KEXDH_REPLY
> ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> packet_send2: packet: wrote [len=12,padding=10,comp=1,payload=1]
> ssh_client_curve25519_reply: SSH_MSG_NEWKEYS sent
> ssh_packet_socket_callback: Processing 16 bytes left in socket buffer
> ssh_packet_socket_callback: packet: read type 21
> [len=12,padding=10,comp=1,payload=1]
> ssh_packet_process: Dispatching handler for packet type 21
> ssh_packet_newkeys: Received SSH_MSG_NEWKEYS
> crypt_set_algorithms2: Set output algorithm to aes256-ctr
> crypt_set_algorithms2: Set HMAC output algorithm to hmac-sha2-256
> crypt_set_algorithms2: Set input algorithm to aes256-ctr
> crypt_set_algorithms2: Set HMAC output algorithm to hmac-sha2-256
> ssh_pki_signature_verify_blob: Going to verify a ssh-ed25519 type signature
> ssh_packet_newkeys: Signature verified and valid
> ssh_connect: current state : 7
> packet_send2: packet: wrote [len=28,padding=10,comp=17,payload=17]
> ssh_service_request: Sent SSH_MSG_SERVICE_REQUEST (service ssh-userauth)
> ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> ssh_packet_socket_callback: packet: read type 6
> [len=28,padding=10,comp=17,payload=17]
> ssh_packet_process: Dispatching handler for packet type 6
> ssh_packet_service_accept: Received SSH_MSG_SERVICE_ACCEPT
> ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> packet_send2: packet: wrote [len=44,padding=8,comp=35,payload=35]
> ssh_packet_socket_callback: packet: read type 51
> [len=60,padding=14,comp=45,payload=45]
> ssh_packet_process: Dispatching handler for packet type 51
> ssh_packet_userauth_failure: Access denied. Authentication that can
> continue: publickey,password,keyboard-interactive
> ssh_packet_userauth_failure: Access denied. Authentication that can
> continue: publickey,password,keyboard-interactive
> ssh_socket_unbuffered_write: Enabling POLLOUT for socket
> packet_send2: packet: wrote [len=60,padding=7,comp=52,payload=52]
> ssh_socket_exception_callback: Socket exception callback: 1 (0)
> ssh_socket_exception_callback: Socket error: disconnected
> ssh_userauth_kbdint_init: Sending keyboard-interactive init request
> ssh_socket_exception_callback: Socket exception callback: 2 (0)
> ssh_socket_exception_callback: Socket error: No error
> packet_send2: packet: wrote [len=76,padding=16,comp=59,payload=59]
> 
> "Socket error: disconnected" - stable reproduction.
> "Socket error: No error" - what does this mean?
> 
> Regards,
> Yanis.


Follow-Ups:
Re: Socket error: disconnected, Socket error: No errorYanis Kurganov <yanis.kurganov@xxxxxxxxx>
References:
Socket error: disconnected, Socket error: No errorYanis Kurganov <yanis.kurganov@xxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org