[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ssh_connect fails: Received SSH_MSG_DISCONNECT 33554432:bad client public DH value

Hi Aris,

I will do it on sunday when I'm back at work.

Thanks,
Zvika


On Thu, Apr 24, 2014 at 11:57 PM, Aris Adamantiadis <aris@xxxxxxxxxxxx>wrote:

> Please upload you .cap to cloudshark.org or attach it to the email, I
> can't help without seeing the content of packets.
>
> Aris
> Le 24/04/14 22:46, Zvi Vered a écrit :
> > Hi Aris,
> >
> > Is it possible to upload files ?
> >
> > Attached a snapshot from wireshark.
> > It starts from the ARP request the clients sends till "Server:
> > Disconnect".
> >
> > Thanks,
> > Zvika
> >
> > -----Original Message----- From: Aris Adamantiadis
> > Sent: Thursday, April 24, 2014 10:52 PM
> > To: libssh@xxxxxxxxxx
> > Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT
> > 33554432:bad client public DH value
> >
> > Can you please record a tcpdump capture with tcpdump or wireshark and
> > post it on cloudshark ? This happens pre-encryption.
> >
> > Aris
> > Le 24/04/14 21:45, Zvi Vered a écrit :
> >> Hi Aris,
> >>
> >> It happens every time.
> >>
> >> Thanks,
> >> Zvika
> >>
> >> -----Original Message----- From: Aris Adamantiadis
> >> Sent: Thursday, April 24, 2014 9:23 PM
> >> To: libssh@xxxxxxxxxx
> >> Subject: Re: ssh_connect fails: Received SSH_MSG_DISCONNECT
> >> 33554432:bad client public DH value
> >>
> >> Hi,
> >>
> >> Does it happen every time you connect or only sometimes ? It's very
> >> strange.
> >>
> >> Aris
> >> Le 24/04/14 20:14, Zvi Vered a écrit :
> >>> Dear Members,
> >>>
> >>> I ported libssh-0.6.3 and openssl-1.0.1g to vxWorks 6.9.2 (with very
> >>> few code changes).
> >>>
> >>> Upon ssh_connect I got the messages listed below.
> >>>
> >>> As you can see the connection fails and the final message is:
> >>>
> >>> ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT
> >>> 33554432:bad client public DH value
> >>>
> >>> On the server side (running under RHEL 5.3) I got the following
> >>> messages in /var/log/secure:
> >>>
> >>> expecting SSH2_MSG_KEXDH_INIT
> >>> invalid public DH value (1 / 2048)
> >>> Disconnecting: bad client public DH value
> >>>
> >>> What can cause this problem ?
> >>>
> >>> Thanks,
> >>> Zvika
> >>>
> >>>
> -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> >>>
> >>>
> >>>
> >>> -> [1970/01/01 00:00:00.000000, 1] ssh_connect: libssh 0.6.3 (c)
> >>> 2003-2014 Aris Adamantiadis, Andreas Schneider, and libssh
> >>> contributors. Distributed under the LGPL, please refer to COPYING file
> >>> for information about your rights, using threading threads_noop
> >>> [1970/01/01 00:00:00.000064, 3] getai: host 128.172.82.55 matches an
> >>> IP address
> >>> [1970/01/01 00:00:00.000000, 2] ssh_socket_connect: Nonblocking
> >>> connection socket: 6
> >>> [1970/01/01 00:00:00.808925489, 2] ssh_connect: Socket connecting, now
> >>> waiting for the callbacks to work
> >>> [1974/09/05 19:44:04.145667616, 3] ssh_connect: ssh_connect: Actual
> >>> timeout : 10000
> >>> [2097/01/10 06:02:22.-286331154, 3] ssh_socket_pollcallback: Received
> >>> POLLOUT in connecting state
> >>> [2097/01/10 06:02:22.139554400, 1] socket_callback_connected: Socket
> >>> connection callback: 1 (0)
> >>> [1970/02/21 20:18:44.139848112, 3] callback_receive_banner: Received
> >>> banner: SSH-2.0-OpenSSH_4.3
> >>> [1974/09/05 19:43:04.000019, 1] ssh_client_connection_callback: SSH
> >>> server banner: SSH-2.0-OpenSSH_4.3
> >>> [1970/01/01 00:00:00.000000, 1] ssh_analyze_banner: Analyzing banner:
> >>> SSH-2.0-OpenSSH_4.3
> >>> [1974/06/07 14:41:52.147642244, 1] ssh_analyze_banner: We are talking
> >>> to an OpenSSH client version: 4.3 (40300)
> >>> [1970/01/01 00:00:00.000000, 3] ssh_socket_unbuffered_write: Enabling
> >>> POLLOUT for socket
> >>> [1970/01/01 00:17:04.131080, 3] ssh_packet_socket_callback: packet:
> >>> read type 20 [len=700,padding=7,comp=692,payload=692]
> >>> [1974/08/13 22:00:40.145663148, 3] ssh_packet_process: Dispatching
> >>> handler for packet type 20
> >>> [1970/02/23 18:37:26.147642212, 4] ssh_list_kex: kex algos:
> >>>
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> >>>
> >>>
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: server host key algo:
> >>> ssh-rsa,ssh-dss
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: encryption
> >>> client->server:
> >>>
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc@xxxxxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr
> >>>
> >>>
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: encryption
> >>> server->client:
> >>>
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,
> rijndael-cbc@xxxxxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr
> >>>
> >>>
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: mac algo
> >>> client->server:
> >>> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx
> ,hmac-sha1-96,hmac-md5-96
> >>>
> >>>
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: mac algo
> >>> server->client:
> >>> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx
> ,hmac-sha1-96,hmac-md5-96
> >>>
> >>>
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: compression algo
> >>> client->server: none,zlib@xxxxxxxxxxx
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: compression algo
> >>> server->client: none,zlib@xxxxxxxxxxx
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: languages
> >>> client->server:
> >>> [1974/08/13 21:56:40.147642212, 4] ssh_list_kex: languages
> >>> server->client:
> >>> [1970/01/01 00:00:00.000000, 4] ssh_list_kex: kex algos:
> >>> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: server host key algo:
> >>> ssh-rsa,ssh-dss
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: encryption
> >>> client->server:
> >>>
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,des-cbc-ssh1
> >>>
> >>>
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: encryption
> >>> server->client:
> >>>
> aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,des-cbc-ssh1
> >>>
> >>>
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: mac algo client->server:
> >>> hmac-sha1
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: mac algo server->client:
> >>> hmac-sha1
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: compression algo
> >>> client->server: none
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: compression algo
> >>> server->client: none
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: languages client->server:
> >>> [1974/08/13 21:56:04.000000, 4] ssh_list_kex: languages server->client:
> >>> [1974/08/13 21:36:36.000000, 3] packet_send2: packet: wrote
> >>> [len=364,padding=6,comp=357,payload=357]
> >>> [1974/08/13 21:55:44.145662852, 3] packet_send2: packet: wrote
> >>> [len=12,padding=5,comp=6,payload=6]
> >>> [1970/01/01 00:00:00.000000, 3] ssh_socket_unbuffered_write: Enabling
> >>> POLLOUT for socket
> >>> [1970/01/01 00:17:04.131080, 3] ssh_packet_socket_callback: packet:
> >>> read type 1 [len=44,padding=4,comp=39,payload=39]
> >>> [1974/08/13 22:00:40.145663148, 3] ssh_packet_process: Dispatching
> >>> handler for packet type 1
> >>> [1970/01/01 00:00:00.000000, 3] ssh_packet_disconnect_callback:
> >>> Received SSH_MSG_DISCONNECT 33554432:bad client public DH value
> >>> [1970/01/01 00:00:16.139880016, 1] ssh_packet_disconnect_callback:
> >>> Received SSH_MSG_DISCONNECT: 33554432:bad client public DH value
> >>> [1974/08/13 23:13:32.145667616, 3] ssh_connect: ssh_connect: Actual
> >>> state : 9
> >>> ssh_connect failed: Received SSH_MSG_DISCONNECT: 33554432:bad client
> >>> public DH value
> >>>
> >>
> >>
> >>
> >
>
>
>
Archive administrator: postmaster@lists.cynapses.org