[jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162810#comment-16162810
]
Goldstein Lyor commented on SSHD-737:
-
P.S. I remember we solve a similar issue for RSA keys and leading zeroes - see
{{AbstractDH#stripLeadingZeroes}} that was introduced as part of SSHD-330 -
perhaps something similar is required for DSA signature...
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73 68 2d 64 73 73 2c 73 73 68 2d 72 73 61 00 00 00 36 61 65 73 31 32
> 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73 31 32 38 2d 63 62
> 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 00 00 00
> 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73
> 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d
> 63 62 63 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d
> 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64
> 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
> 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61
> 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68
> 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00
> 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with
> org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Server version string:
> SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e
> 99 05 b0 83 3c be 6a 22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68
> 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32
> 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78
> 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74
> 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63
> 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64
> 73 73 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38
> 2d 63 74 72 00 00 00 09 68 6d 61 63 2d 73 68 61 31 00 00 00 09 68 6d 61 63 2d
> 73 68 61 31 00 00 00 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,947 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core -
[jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162807#comment-16162807
]
Goldstein Lyor commented on SSHD-737:
-
Can you provide a sample DSA key pair that reproduces this problem so we can
investigate (and fix) more easily ?
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73 68 2d 64 73 73 2c 73 73 68 2d 72 73 61 00 00 00 36 61 65 73 31 32
> 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73 31 32 38 2d 63 62
> 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 00 00 00
> 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73
> 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d
> 63 62 63 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d
> 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64
> 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
> 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61
> 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68
> 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00
> 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with
> org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Server version string:
> SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e
> 99 05 b0 83 3c be 6a 22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68
> 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32
> 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78
> 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74
> 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63
> 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64
> 73 73 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38
> 2d 63 74 72 00 00 00 09 68 6d 61 63 2d 73 68 61 31 00 00 00 09 68 6d 61 63 2d
> 73 68 61 31 00 00 00 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,947 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(kex algorithms)
> guess=diffie-hellman-group-exchange-sha256 (client:
>
[jira] [Reopened] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Guillaume Nodet reopened SSHD-737:
--
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73 68 2d 64 73 73 2c 73 73 68 2d 72 73 61 00 00 00 36 61 65 73 31 32
> 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73 31 32 38 2d 63 62
> 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 00 00 00
> 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73
> 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d
> 63 62 63 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d
> 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64
> 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
> 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61
> 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68
> 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00
> 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with
> org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Server version string:
> SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e
> 99 05 b0 83 3c be 6a 22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68
> 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32
> 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78
> 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74
> 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63
> 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64
> 73 73 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38
> 2d 63 74 72 00 00 00 09 68 6d 61 63 2d 73 68 61 31 00 00 00 09 68 6d 61 63 2d
> 73 68 61 31 00 00 00 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,947 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(kex algorithms)
> guess=diffie-hellman-group-exchange-sha256 (client:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1
>
[jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162779#comment-16162779
]
Thomas Davidsson commented on SSHD-737:
---
JDK/OpenJDK will not solve the problem, As i understand it they have corrected
some parts in the security-libs
(http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html)
_More checks added to DER encoding parsing code
More checks are added to the DER encoding parsing code to catch various
encoding errors. In addition, signatures which contain constructed indefinite
length encoding will now lead to IOException during parsing. Note that
signatures generated using JDK default providers are not affected by this
change. _
JDK-8168714 (not public)
So this issue need to be solved in sshd-core lib.
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73 68 2d 64 73 73 2c 73 73 68 2d 72 73 61 00 00 00 36 61 65 73 31 32
> 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73 31 32 38 2d 63 62
> 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 00 00 00
> 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73
> 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d
> 63 62 63 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d
> 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64
> 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
> 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61
> 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68
> 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00
> 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with
> org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Server version string:
> SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e
> 99 05 b0 83 3c be 6a 22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68
> 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32
> 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78
> 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74
> 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63
> 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64
> 73 73 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38
> 2d 63 74 72 00 00 00 09 68 6d 61 63 2d 73 68 61
[jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162748#comment-16162748
]
Grzegorz Grzybek commented on SSHD-737:
---
[~lgoldstein] I remember this was just marked as "won't fix", because I
reported it for very old version... But it started to fail on latest one too...
I still think the bug isn't really solved on JDK/OpenJDK side...
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73 68 2d 64 73 73 2c 73 73 68 2d 72 73 61 00 00 00 36 61 65 73 31 32
> 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73 31 32 38 2d 63 62
> 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 00 00 00
> 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73
> 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d
> 63 62 63 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d
> 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64
> 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
> 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61
> 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68
> 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00
> 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with
> org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Server version string:
> SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e
> 99 05 b0 83 3c be 6a 22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68
> 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32
> 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78
> 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74
> 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63
> 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64
> 73 73 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38
> 2d 63 74 72 00 00 00 09 68 6d 61 63 2d 73 68 61 31 00 00 00 09 68 6d 61 63 2d
> 73 68 61 31 00 00 00 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,947 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 -
[jira] [Commented] (SSHD-771) SFTP server closes the connection when hmac-sha2-512 is used
[
https://issues.apache.org/jira/browse/SSHD-771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162726#comment-16162726
]
Andreas Bergander commented on SSHD-771:
It seems to work with the latest version in master though, so I guess your fix
works. :-)
> SFTP server closes the connection when hmac-sha2-512 is used
>
>
> Key: SSHD-771
> URL: https://issues.apache.org/jira/browse/SSHD-771
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 1.6.0
>Reporter: Andreas Bergander
>Assignee: Goldstein Lyor
> Fix For: 1.7.0
>
> Attachments: SshdTest.java
>
>
> It seems like the SFTP server in sshd does not handle HMAC SHA-2-512 very
> well. If I set up a server which only accepts that HMAC, the server closes
> the connection as soon as I connect with a client.
> The server throws an exception in AbstractSession (row 1380) before closing
> the connection:
> {code}
> // Check the computed result with the received mac (just after the packet
> data)
> if (!BufferUtils.equals(inMacResult, 0, data, decoderLength + 4, macSize)) {
> throw new SshException(SshConstants.SSH2_DISCONNECT_MAC_ERROR, "MAC Error");
> }
> {code}
> If I switch the HMAC to SHA-2-256 everything works ok.
> I've attached a sample program which sets up a server. I've tested with a
> couple of different clients and all of them exposes the error in the server.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162705#comment-16162705
]
Thomas Davidsson commented on SSHD-737:
---
Hi,
thanks for the fast response.
We are not using openjdk, we are using oracle jdk.
Our problem occurs when the server using DSA algorithm. Then our client fails
when connecting and the SignatureDSA.verify method is executed:
2017-09-08 13:31:41,093 []-nio2-thread-5] DEBUG
[org.apache.sshd.client.session.ClientSessionImpl]
exceptionCaught(ClientSessionImpl[root@/10.216.129.29:37004])[state=Opened]
details
java.security.SignatureException: Invalid encoding for signature
at sun.security.provider.DSA.engineVerify(DSA.java:290)
at sun.security.provider.DSA.engineVerify(DSA.java:251)
at java.security.Signature$Delegate.engineVerify(Signature.java:1219)
at java.security.Signature.verify(Signature.java:652)
at
org.apache.sshd.common.signature.AbstractSignature.doVerify(AbstractSignature.java:142)
at
org.apache.sshd.common.signature.SignatureDSA.verify(SignatureDSA.java:140)
at org.apache.sshd.client.kex.DHGClient.next(DHGClient.java:142)
at
org.apache.sshd.common.session.helpers.AbstractSession.handleKexMessage(AbstractSession.java:612)
at
org.apache.sshd.common.session.helpers.AbstractSession.doHandleMessage(AbstractSession.java:564)
at
org.apache.sshd.common.session.helpers.AbstractSession.handleMessage(AbstractSession.java:499)
at
org.apache.sshd.common.session.helpers.AbstractSession.decode(AbstractSession.java:1413)
at
org.apache.sshd.common.session.helpers.AbstractSession.messageReceived(AbstractSession.java:460)
at
org.apache.sshd.common.session.helpers.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:66)
at
org.apache.sshd.common.io.nio2.Nio2Session.handleReadCycleCompletion(Nio2Session.java:284)
at
org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:264)
at
org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:261)
at
org.apache.sshd.common.io.nio2.Nio2CompletionHandler.lambda$completed$0(Nio2CompletionHandler.java:38)
at java.security.AccessController.doPrivileged(Native Method)
at
org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:37)
at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
at sun.nio.ch.Invoker$2.run(Invoker.java:218)
at
sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.io.IOException: Invalid encoding: redundant leading 0s
at
sun.security.util.DerInputBuffer.getBigInteger(DerInputBuffer.java:162)
at sun.security.util.DerValue.getBigInteger(DerValue.java:539)
at sun.security.provider.DSA.engineVerify(DSA.java:287)
... 24 more
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73
[jira] [Commented] (SSHD-771) SFTP server closes the connection when hmac-sha2-512 is used
[
https://issues.apache.org/jira/browse/SSHD-771?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162701#comment-16162701
]
Andreas Bergander commented on SSHD-771:
It seems like the problem only occurs in combination with certain Key Exchange
Algorithms. More specifically these: diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1, diffie-hellman-group1-sha1.
So to reproduce:
I start an SFTP server using: {{SshServer -p }}
And then connect using OpenSSH (v7.5p1): {{sftp -vvv -P
-oKexAlgorithms=diffie-hellman-group14-sha1 -oMACs=hmac-sha2-512 localhost}}
If I switch to hmac-sha-256 it will work with any Kex algorithm. If I change
Kex algorithm to something else, like diffie-hellman-group-exchange-sha256 or
ecdh-sha2-nistp521, it works.
The error I get from OpenSSH is:
{code}
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /home/andber/.ssh/id_rsa (0x0)
debug2: key: /home/andber/.ssh/id_dsa (0x0)
debug2: key: /home/andber/.ssh/id_ecdsa (0x0)
debug2: key: /home/andber/.ssh/id_ed25519 (0x0)
debug3: send packet: type 5
Corrupted MAC on input.
debug3: send packet: type 1
Authentication failed.
Connection closed
{code}
> SFTP server closes the connection when hmac-sha2-512 is used
>
>
> Key: SSHD-771
> URL: https://issues.apache.org/jira/browse/SSHD-771
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 1.6.0
>Reporter: Andreas Bergander
>Assignee: Goldstein Lyor
> Fix For: 1.7.0
>
> Attachments: SshdTest.java
>
>
> It seems like the SFTP server in sshd does not handle HMAC SHA-2-512 very
> well. If I set up a server which only accepts that HMAC, the server closes
> the connection as soon as I connect with a client.
> The server throws an exception in AbstractSession (row 1380) before closing
> the connection:
> {code}
> // Check the computed result with the received mac (just after the packet
> data)
> if (!BufferUtils.equals(inMacResult, 0, data, decoderLength + 4, macSize)) {
> throw new SshException(SshConstants.SSH2_DISCONNECT_MAC_ERROR, "MAC Error");
> }
> {code}
> If I switch the HMAC to SHA-2-256 everything works ok.
> I've attached a sample program which sets up a server. I've tested with a
> couple of different clients and all of them exposes the error in the server.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162691#comment-16162691
]
Grzegorz Grzybek commented on SSHD-737:
---
According to https://bugs.openjdk.java.net/browse/JDK-8175251 and
https://bugs.openjdk.java.net/browse/JDK-8185232 this should be fixed in
1.8.0_144...
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73 68 2d 64 73 73 2c 73 73 68 2d 72 73 61 00 00 00 36 61 65 73 31 32
> 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73 31 32 38 2d 63 62
> 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 00 00 00
> 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73
> 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d
> 63 62 63 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d
> 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64
> 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
> 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61
> 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68
> 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00
> 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with
> org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Server version string:
> SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e
> 99 05 b0 83 3c be 6a 22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68
> 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32
> 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78
> 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74
> 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63
> 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64
> 73 73 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38
> 2d 63 74 72 00 00 00 09 68 6d 61 63 2d 73 68 61 31 00 00 00 09 68 6d 61 63 2d
> 73 68 61 31 00 00 00 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,947 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Kex: negotiate(kex algorithms)
>
[jira] [Commented] (SSHD-737) "Invalid encoding: redundant leading 0s" when establishing session
[
https://issues.apache.org/jira/browse/SSHD-737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16162678#comment-16162678
]
Thomas Davidsson commented on SSHD-737:
---
Hi,
With the lift to Java 1.8.0_144 and SSHD-CORE 1.6.0 the issue with "Invalid
encoding: redundant leading 0s" has started to occur in our environment.
We found a bugfix for JSCH that solved the problem for us:
https://github.com/Jurrie/jsch-111-bugfix
A description of the bugfix can be read in the discussion from Jurrie Overgoor:
https://sourceforge.net/p/jsch/bugs/111/
Can this issue be reopened?
Thanks
> "Invalid encoding: redundant leading 0s" when establishing session
> --
>
> Key: SSHD-737
> URL: https://issues.apache.org/jira/browse/SSHD-737
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 0.14.0
>Reporter: Grzegorz Grzybek
>Assignee: Goldstein Lyor
> Fix For: 1.4.0
>
>
> Probably related to https://bugs.openjdk.java.net/browse/JDK-8175251. I'm
> getting:
> {noformat}
> 2017-04-03 12:57:52,932 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Client session created
> 2017-04-03 12:57:52,932 | DEBUG | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Send SSH_MSG_KEXINIT
> 2017-04-03 12:57:52,932 | TRACE | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Sending packet #0: 14 5c dd 49
> 7d 80 20 9d 4b d8 c9 11 ac 42 34 81 08 00 00 00 9b 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32 35
> 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63
> 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70
> 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63 64
> 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65 6c
> 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 4b 65 63 64 73 61 2d
> 73 68 61 32 2d 6e 69 73 74 70 32 35 36 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e
> 69 73 74 70 33 38 34 2c 65 63 64 73 61 2d 73 68 61 32 2d 6e 69 73 74 70 35 32
> 31 2c 73 73 68 2d 64 73 73 2c 73 73 68 2d 72 73 61 00 00 00 36 61 65 73 31 32
> 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73 31 32 38 2d 63 62
> 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 00 00 00
> 36 61 65 73 31 32 38 2d 63 74 72 2c 61 72 63 66 6f 75 72 31 32 38 2c 61 65 73
> 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d
> 63 62 63 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d
> 73 68 61 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64
> 35 2c 68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36
> 00 00 00 47 68 6d 61 63 2d 73 68 61 32 2d 32 35 36 2c 68 6d 61 63 2d 73 68 61
> 32 2d 35 31 32 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 35 2c 68
> 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 00 00
> 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | Trying authentication with
> org.apache.sshd.client.auth.deprecated.UserAuthPassword@30ed5323
> 2017-04-03 12:57:52,933 | DEBUG | 3)-192.168.0.220 | ClientUserAuthServiceOld
> | 33 - org.apache.sshd.core - 0.14.0 | waiting to send authentication
> 2017-04-03 12:57:52,933 | INFO | d]-nio2-thread-1 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Server version string:
> SSH-2.0-SSHD-CORE-0.14.0
> 2017-04-03 12:57:52,947 | TRACE | d]-nio2-thread-2 | ClientSessionImpl
> | 33 - org.apache.sshd.core - 0.14.0 | Received packet #1: 14 7b 0e
> 99 05 b0 83 3c be 6a 22 3b 2b a1 c3 0b cb 00 00 00 9b 64 69 66 66 69 65 2d 68
> 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 65 2d 73 68 61 32
> 35 36 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 6e 2d 67 72 6f 75 70 2d 65 78
> 63 68 61 6e 67 65 2d 73 68 61 31 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74
> 70 32 35 36 2c 65 63 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 33 38 34 2c 65 63
> 64 68 2d 73 68 61 32 2d 6e 69 73 74 70 35 32 31 2c 64 69 66 66 69 65 2d 68 65
> 6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 07 73 73 68 2d 64
> 73 73 00 00 00 0a 61 65 73 31 32 38 2d 63 74 72 00 00 00 0a 61 65 73 31 32 38
> 2d 63 74 72 00 00 00 09 68 6d 61 63 2d 73 68 61 31 00 00 00 09 68 6d 61 63 2d
> 73 68 61 31 00 00 00 04 6e 6f 6e 65 00 00 00 04 6e 6f 6e 65 00 00 00 00 00 00
> 00 00 00 00 00 00 00
> 2017-04-03 12:57:52,947 | DEBUG | d]-nio2-thread-2 | ClientSessionImpl
[jira] [Resolved] (SSHD-771) SFTP server closes the connection when hmac-sha2-512 is used
[
https://issues.apache.org/jira/browse/SSHD-771?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Goldstein Lyor resolved SSHD-771.
-
Resolution: Cannot Reproduce
Fix Version/s: 1.7.0
I cannot reproduce it in 1.6.0 - had no problems with {{OpenSSH}} client. I
have fixed the definition of _hmacsha512_ though so please try with the latest
code. Try using {{SshServerMain}} class with the following arguments: {{-p
-o MACs=hmac-sha2-512}} (only in latest version) and see if you can reproduce
the issue.
{quote} I've tested with a couple of different clients{quote}
Can you specify which clients (O/S, version, etc.) ?
> SFTP server closes the connection when hmac-sha2-512 is used
>
>
> Key: SSHD-771
> URL: https://issues.apache.org/jira/browse/SSHD-771
> Project: MINA SSHD
> Issue Type: Bug
>Affects Versions: 1.6.0
>Reporter: Andreas Bergander
>Assignee: Goldstein Lyor
> Fix For: 1.7.0
>
> Attachments: SshdTest.java
>
>
> It seems like the SFTP server in sshd does not handle HMAC SHA-2-512 very
> well. If I set up a server which only accepts that HMAC, the server closes
> the connection as soon as I connect with a client.
> The server throws an exception in AbstractSession (row 1380) before closing
> the connection:
> {code}
> // Check the computed result with the received mac (just after the packet
> data)
> if (!BufferUtils.equals(inMacResult, 0, data, decoderLength + 4, macSize)) {
> throw new SshException(SshConstants.SSH2_DISCONNECT_MAC_ERROR, "MAC Error");
> }
> {code}
> If I switch the HMAC to SHA-2-256 everything works ok.
> I've attached a sample program which sets up a server. I've tested with a
> couple of different clients and all of them exposes the error in the server.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
