Re: libssh 0.8.4 with Cisco router

[jijo thomas <jijo7thomas@xxxxxxxxx>]

Hi Meng,

Thank you for the patch. It worked for us. Verified it in Cisco IOS 12.4,
15.4 and Ubuntu 16.04

Regards,
Jijo


On Tue, Oct 23, 2018 at 9:39 PM Meng Hourk Tan <mtan@xxxxxxxxxx> wrote:

> Hello,
>
> I had the same issue with some Cisco router:
>
> Some Cisco IOS do not send kex if they send the banner last (libssh as a
> client sent it first).
>
> In this situation, both libssh client and Cisco IOS server hang.
>
> Libssh client should send kex init as soon as banners are exchanged.
>
>
> I attached a patch that fix this issue.
> Regards,
>
>
> Meng
> ------------------------------
> *De :* jijo thomas <jijo7thomas@xxxxxxxxx>
> *Envoyé :* mardi 23 octobre 2018 08:48:02
> *À :* libssh@xxxxxxxxxx
> *Objet :* libssh 0.8.4 with Cisco router
>
> Hi,
>
> I compiled libssh 0.8.4 in Windows
>
> Then ran into a strange issue with libssh 0.8.4 while working with Cisco
> router (ios ver 15.4) while executing the sample exec.c from the bundle.
>
> The ssh connection to the device is getting established alternatively. ie)
> It fails once at analyzing banner. if I try again, it'll work fine.
>
> Following is the log.
>
> Attempt 1
> exec.exe x.x.x.x
> [2018/10/23 11:43:55.012458, 2] ssh_connect:  libssh 0.8.4 (c) 2003-2018
> Aris Ad
> amantiadis, Andreas Schneider and libssh contributors. Distributed under
> the LGP
> L, please refer to COPYING file for information about your rights, using
> threadi
> ng threads_winlock
> [2018/10/23 11:43:55.015458, 2] ssh_socket_connect:  Nonblocking
> connection sock
> et: 196
> [2018/10/23 11:43:55.016458, 2] ssh_connect:  Socket connecting, now
> waiting for
>  the callbacks to work
> [2018/10/23 11:43:55.531488, 1] socket_callback_connected:  Socket
> connection ca
> llback: 1 (0)
> [2018/10/23 11:43:56.128522, 1] ssh_client_connection_callback:  SSH
> server bann
> er: SSH-2.0-Cisco-1.25
> [2018/10/23 11:43:56.129522, 1] ssh_analyze_banner:  Analyzing banner:
> SSH-2.0-C
> isco-1.25
> [2018/10/23 11:44:05.018031, 1] ssh_connect:  Timeout connecting to x.x.x.x
> Connection failed : Timeout connecting to x.x.x.x
>
> Attempt 2
>
> exec.exe x.x.x.x
> [2018/10/23 11:59:31.880044, 2] ssh_connect:  libssh 0.8.4 (c) 2003-2018
> Aris Ad
> amantiadis, Andreas Schneider and libssh contributors. Distributed under
> the LGP
> L, please refer to COPYING file for information about your rights, using
> threadi
> ng threads_winlock
> [2018/10/23 11:59:31.882044, 2] ssh_socket_connect:  Nonblocking
> connection sock
> et: 196
> [2018/10/23 11:59:31.883044, 2] ssh_connect:  Socket connecting, now
> waiting for
>  the callbacks to work
> [2018/10/23 11:59:32.391073, 1] socket_callback_connected:  Socket
> connection ca
> llback: 1 (0)
> [2018/10/23 11:59:32.899102, 1] ssh_client_connection_callback:  SSH
> server bann
> er: SSH-2.0-Cisco-1.25
> [2018/10/23 11:59:32.900102, 1] ssh_analyze_banner:  Analyzing banner:
> SSH-2.0-C
> isco-1.25
> [2018/10/23 11:59:32.905103, 2] ssh_kex_select_methods:  Negotiated
> diffie-hellm
>
> an-group14-sha1,ssh-rsa,aes256-ctr,aes256-ctr,hmac-sha1,hmac-sha1,none,none,,
> [2018/10/23 11:59:34.053168, 2] ssh_packet_dh_reply:  Received
> SSH_KEXDH_REPLY
> [2018/10/23 11:59:34.064169, 2] ssh_client_dh_reply:  SSH_MSG_NEWKEYS sent
> [2018/10/23 11:59:34.561197, 2] ssh_packet_newkeys:  Received
> SSH_MSG_NEWKEYS
> [2018/10/23 11:59:34.563197, 2] ssh_packet_newkeys:  Signature verified
> and vali
> d
> [2018/10/23 11:59:35.793268, 1] ssh_packet_userauth_failure:  Access
> denied for
> 'none'. Authentication that can continue:
> publickey,keyboard-interactive,passwor
> d
> [2018/10/23 11:59:35.794268, 2] ssh_packet_userauth_failure:  Access
> denied for
> 'none'. Authentication that can continue:
> publickey,keyboard-interactive,passwor
> d
>
> .
> .
> .
>
> [2018/10/23 11:59:35.803268, 2] ssh_userauth_publickey_auto:  Tried every
> public
>  key, none matched
> Password:
> [2018/10/23 11:59:38.955449, 2] channel_open:  Creating a channel 43 with
> 64000
> window and 32768 max packet
> [2018/10/23 11:59:39.463478, 2] ssh_packet_channel_open_conf:  Received a
> CHANNE
> L_OPEN_CONFIRMATION for channel 43:3
> [2018/10/23 11:59:39.464478, 2] ssh_packet_channel_open_conf:  Remote
> window : 8
> 192, maxpacket : 4096
> [2018/10/23 11:59:39.974507, 2] channel_request:  Channel request exec
> success
> [2018/10/23 11:59:39.975507, 2] grow_window:  growing window (channel
> 43:3) to 1
> 280000 bytes
>
> 22:29:39.716 PST Mon Oct 22 2018
>
>
>
>