[Touch-packages] [Bug 1350643] Re: 6.2p1+ fails key-exchange with embedded SSH devices

2015-05-11 Thread Dzivak
** Also affects: openssh (openSUSE)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1350643

Title:
  6.2p1+ fails key-exchange with embedded SSH devices

Status in openssh package in Ubuntu:
  Triaged
Status in openssh package in openSUSE:
  New

Bug description:
  I have various network devices with embedded SSH daemons, such as
  CDUs, UPSs, managed Switches, DRAC, and so on. All devices have
  entries in the ssh config file specifying an IdentityFile.

  The particular embedded SSH daemon in this case is Mocana nanoSSH:

  http://www.mocana.com/for-device-manufacturers/nanossh

  Recently I had need to access a Server Technology Switched CDU via SSH
  using 14.04 Trusty and its OpenSSH_6.6.1p1. Connections consistently
  failed at:

  $ ssh -vvv cdu-01
  OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
  debug1: Reading configuration data /home/tj/.ssh/config
  debug1: /home/tj/.ssh/config line 101: Applying options for cdu-01
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: /etc/ssh/ssh_config line 19: Applying options for *
  debug1: Hostname has changed; re-reading configuration
  debug1: Reading configuration data /home/tj/.ssh/config
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: /etc/ssh/ssh_config line 19: Applying options for *
  debug2: ssh_connect: needpriv 0
  debug1: Connecting to 10.254.0.3 [10.254.0.3] port 22.
  debug1: Connection established.
  ...
  debug2: kex_parse_kexinit: reserved 0
  debug2: mac_setup: setup hmac-md5
  debug1: kex: server-client aes128-cbc hmac-md5 none
  debug2: mac_setup: setup hmac-md5
  debug1: kex: client-server aes128-cbc hmac-md5 none
  debug2: bits set: 531/1024
  debug1: sending SSH2_MSG_KEXDH_INIT
  debug1: expecting SSH2_MSG_KEXDH_REPLY
  Received disconnect from 10.254.0.3: 11: Logged out.

  Initially I thought the local configuration had been corrupted in some
  way since the local /home/ was moved from a 13.04 to 14.04
  installation. Later I discovered a bug report of this issue affecting
  other embedded network devices reported against versions of OpenSSH
  later than 6.1p1 on the BSD operating system at:

  https://bugzilla.mindrot.org/show_bug.cgi?id=2116

  I then chroot-ed into the earlier 13.04 installation and tried again
  with its OpenSSH_6.1p1 and it connected:

  $ ssh -vvv hostmaster@10.254.0.3
  OpenSSH_6.1p1 Debian-4, OpenSSL 1.0.1c 10 May 2012
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: /etc/ssh/ssh_config line 19: Applying options for *
  debug2: ssh_connect: needpriv 0
  debug1: Connecting to 10.254.0.3 [10.254.0.3] port 22.
  debug1: Connection established.
  ...
  debug2: kex_parse_kexinit: reserved 0
  debug2: mac_setup: found hmac-md5
  debug1: kex: server-client aes128-cbc hmac-md5 none
  debug2: mac_setup: found hmac-md5
  debug1: kex: client-server aes128-cbc hmac-md5 none
  debug2: dh_gen_key: priv key bits set: 117/256
  debug2: bits set: 521/1024
  debug1: sending SSH2_MSG_KEXDH_INIT
  debug1: expecting SSH2_MSG_KEXDH_REPLY
  debug1: Server host key: DSA 17:36:55:87:49:a5:a4:9f:02:42:8b:da:88:7c:bb:41
  The authenticity of host '10.254.0.3 (10.254.0.3)' can't be established.
  DSA key fingerprint is 17:36:55:87:49:a5:a4:9f:02:42:8b:da:88:7c:bb:41.
  Are you sure you want to continue connecting (yes/no)?

  The cause is apparently a buffer overflow in the embedded Mocana SSH
  daemon with cipher/mac lists longer than ~287 bytes.

  I fixed it by limiting the list of Ciphers and Macs sent, via the
  ssh_config:

  Host cdu-01
  Hostname 10.254.0.3
  User hostmaster
  IdentityFile ~/.ssh/id_hostmaster
  IdentitiesOnly yes
  Protocol 2
  Ciphers aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,arcfour
  Macs hmac-sha1,hmac-md5

  
  $ ssh -vvv cdu-01  
  OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
  debug1: Reading configuration data /home/tj/.ssh/config
  debug1: /home/tj/.ssh/config line 101: Applying options for cdu-01
  debug3: ciphers ok: [aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,arcfour]
  debug3: macs ok: [hmac-sha1,hmac-md5]
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: /etc/ssh/ssh_config line 19: Applying options for *
  debug1: Hostname has changed; re-reading configuration
  debug1: Reading configuration data /home/tj/.ssh/config
  debug3: ciphers ok: [aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,arcfour]
  debug3: macs ok: [hmac-sha1,hmac-md5]
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: /etc/ssh/ssh_config line 19: Applying options for *
  debug2: ssh_connect: needpriv 0
  debug1: Connecting to 10.254.0.3 [10.254.0.3] port 22.
  debug1: Connection established.
  ...
  debug1: sending SSH2_MSG_KEXDH_INIT
  debug1: expecting SSH2_MSG_KEXDH_REPLY
  debug1: Server host key: DSA 17:36:55:87:49:a5:a4:9f:02:42:8b:da:88:7c:bb:41
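
Added example (not part of the original bug report): a Python check that the Ciphers and MACs options of a Host block, encoded as SSH name-lists (uint32 length plus comma-separated names, RFC 4253), stay under the ~287-byte figure given above. Applying that figure to each list separately, the helper names, and the constructed long list are assumptions of this example.

```python
import re
import struct

# Approximate threshold from the bug description; treating it as a
# per-list limit is an assumption of this example.
LIMIT = 287

def name_list(names):
    """Encode names as an SSH name-list: uint32 length + comma-joined ASCII."""
    body = ",".join(names).encode("ascii")
    return struct.pack(">I", len(body)) + body

def parse_host_block(text):
    """Return {lowercased keyword: value} for one ssh_config Host block."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        if len(parts) == 2:
            opts[parts[0].lower()] = parts[1].strip()
    return opts

def audit(text, limit=LIMIT):
    """Map 'ciphers'/'macs' to (list_bytes, wire_bytes, within_limit)."""
    opts = parse_host_block(text)
    report = {}
    for key in ("ciphers", "macs"):
        if key not in opts:
            # Option absent: the client will send its full default list,
            # so nothing can be verified from the config alone.
            report[key] = None
            continue
        names = [n for n in opts[key].split(",") if n]
        wire = name_list(names)
        report[key] = (len(wire) - 4, len(wire), len(wire) - 4 <= limit)
    return report

# Host block taken from the bug description above.
TRIMMED = """
Host cdu-01
Hostname 10.254.0.3
User hostmaster
IdentityFile ~/.ssh/id_hostmaster
IdentitiesOnly yes
Protocol 2
Ciphers aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc,arcfour
Macs hmac-sha1,hmac-md5
"""

# Constructed sample: 13 placeholder names, not a real client default list.
LONG = "Host sample\nCiphers " + ",".join(
    "cipher%02d@example.invalid" % i for i in range(13))

if __name__ == "__main__":
    for label, cfg in (("trimmed", TRIMMED), ("long", LONG)):
        print(label, audit(cfg))
```

A result of `None` for an option means the Host block does not restrict that list, which is the condition the failing connection above was in.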
  

[Touch-packages] [Bug 1350643] Re: 6.2p1+ fails key-exchange with embedded SSH devices

2015-02-25 Thread Durai
'ssh -o HostKeyAlgorithms=ssh-rsa,ssh-dss -o KexAlgorithms=diffie-hellman-group1-sha1 -o Ciphers=aes128-cbc,3des-cbc -o MACs=hmac-md5,hmac-sha1 user@host'
only works. Please let me know what the issue is here.


Re: [Touch-packages] [Bug 1350643] Re: 6.2p1+ fails key-exchange with embedded SSH devices

2014-07-31 Thread TJ
On 31/07/14 04:18, Seth Arnold wrote:
> It might be worth changing your ciphers to something like

Seth, that is terrible. OK, I'll try it later on, although I have no idea
what CPU the embedded controller on the CDU uses. If I knew that I might be
able to craft the buffer overflow to do something useful.

I've been explicit in describing the issue since it looks like the kind
of thing that many sys-admins could hit and not get to the bottom of.


[Touch-packages] [Bug 1350643] Re: 6.2p1+ fails key-exchange with embedded SSH devices

2014-07-30 Thread Seth Arnold
It might be worth changing your ciphers to something like:

Ciphers


and see if you can get 0x41414141 kinds of things in e.g. CPU registers
or elsewhere in your embedded devices. (I'm curious if this is just a
client configuration that won't connect properly or if you've found
exploitable flaws in the Mocana sshd.)

Thanks
