subject:"\[X2Go\-Dev\] Bug#1520\: Proxy\-Server \- SSH \- strong Cipher crash x2Go\-Client"

[X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

2021-08-17 Thread Adam Dorsey - NOAA Affiliate

A quick update for this bug:

Today I tested the same scenario (Cipher aes128-ctr) on our test cluster
using the latest Windows snapshot client, version
4.1.2.3-2021.07.13-df4a8ec.  The issue as described in this bug report is
still present.

Thanks,
Adam

On Fri, Mar 19, 2021 at 2:28 PM Adam Dorsey - NOAA Affiliate <
adam.dor...@noaa.gov> wrote:

> I can confirm this issue in my own environment as well.  X2Go server
> version is 4.1.0.3-9.el7 running on CentOS 7.  Affected users are running
> X2Go client version 4.1.2.2 on Windows 10 (though this may affect other
> Windows versions as well).
>
> We forced the use of the aes128-ctr cipher yesterday on our cluster login
> nodes to resolve a security issue raised by our security team.  To do this,
> we added the following line to our SSH server config file:
>
> Ciphers aes128-ctr
>
> After making this change, several users running the X2Go client on Windows
> 10 could no longer connect.  We found this bug report, and subsequently
> reverted the above change, which resolved the issue.
>
> Please note that Linux clients appeared to be unaffected by this issue; I
> was able to connect from a workstation running X2Go client version 4.1.2.2
> on Ubuntu Linux 20.04 without any issues.
>
> --
> Adam Dorsey
> NOAA RDHPCS Systems Administrator Site Lead
> CSRA / RedLine Performance Solutions, LLC
>
> NOAA NESCC
> 1000 Galliher Drive, Suite 333, Fairmont, WV 26554
> office: (304) 367-2882
> cell: (304) 685-9345
> adam.dor...@noaa.gov
>


-- 
Adam Dorsey
NOAA RDHPCS Systems Administrator Site Lead
CSRA / RedLine Performance Solutions, LLC

NOAA NESCC
1000 Galliher Drive, Suite 333, Fairmont, WV 26554
office: (304) 367-2882
cell: (304) 685-9345
adam.dor...@noaa.gov
___
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev

[X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

2021-05-12 Thread Adam Dorsey - NOAA Affiliate

I can confirm this issue in my own environment as well.  X2Go server
version is 4.1.0.3-9.el7 running on CentOS 7.  Affected users are running
X2Go client version 4.1.2.2 on Windows 10 (though this may affect other
Windows versions as well).

We forced the use of the aes128-ctr cipher yesterday on our cluster login
nodes to resolve a security issue raised by our security team.  To do this,
we added the following line to our SSH server config file:

Ciphers aes128-ctr

After making this change, several users running the X2Go client on Windows
10 could no longer connect.  We found this bug report, and subsequently
reverted the above change, which resolved the issue.

Please note that Linux clients appeared to be unaffected by this issue; I
was able to connect from a workstation running X2Go client version 4.1.2.2
on Ubuntu Linux 20.04 without any issues.

-- 
Adam Dorsey
NOAA RDHPCS Systems Administrator Site Lead
CSRA / RedLine Performance Solutions, LLC

NOAA NESCC
1000 Galliher Drive, Suite 333, Fairmont, WV 26554
office: (304) 367-2882
cell: (304) 685-9345
adam.dor...@noaa.gov
___
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev

Re: [X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

2021-01-14 Thread Ulrich Sibiller

It is probably required to recompile x2goclient with a current libssh.
As a workaround you can try to build a tunnel via the jumphost with
the window ssh and connect x2goclient to that tunnel instead of using
a proxy in the x2goclient configuration.

On Thu, Jan 14, 2021 at 4:25 PM Stefan Baur  wrote:
>
> Am 14.01.21 um 08:47 schrieb marian.schwa...@dlr.de:
> > I hope I provided all needed information for you. Let me know if this can 
> > be patched, or does our Company need to search for other solution.
>
> Sure sounds like something that *can* be patched.  If you want to
> expedite patching, feel free to sponsor the patch by contracting one of
> the companies providing commercial X2Go support:
> 
>
> Kind Regards,
> Stefan Baur
>
> --
> BAUR-ITCS UG (haftungsbeschränkt)
> Geschäftsführer: Stefan Baur
> Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
> Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243
>
> ___
> x2go-dev mailing list
> x2go-dev@lists.x2go.org
> https://lists.x2go.org/listinfo/x2go-dev
___
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev

Re: [X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

2021-01-14 Thread Stefan Baur

Am 14.01.21 um 08:47 schrieb marian.schwa...@dlr.de:
> I hope I provided all needed information for you. Let me know if this can be 
> patched, or does our Company need to search for other solution.

Sure sounds like something that *can* be patched.  If you want to
expedite patching, feel free to sponsor the patch by contracting one of
the companies providing commercial X2Go support:


Kind Regards,
Stefan Baur

-- 
BAUR-ITCS UG (haftungsbeschränkt)
Geschäftsführer: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364
Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243



signature.asc
Description: OpenPGP digital signature
___
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev

[X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

2021-01-14 Thread Marian.Schwarcz

Package: x2goClient
Version: 4.1.2.2-2020.02.13

Host-System: Windows 10, und Windows Server 2012 R2 (German Language)
Installations-Typ: Recommended (Default)

*** Problem Description ***
When using x2GoClient via jumpserver (as SSH-Proxy-Server), then is X2GoClient 
automatic closed (without any Information). Problem are the SSH-Strong-Ciphers, 
which are configured in SSHd on Jumpserver. Strong Ciphers => x2GoClient 
crashed. If default Ciphers => x2GoClient and connection works.

*** X2GoClient - Configuration ***
Sitzungsname: test
Pfad: /
Host: ziel-server
Login: test_ye
SSH-Port: 22

Proxy-Server für SSH-Verbindung verwenden
SSH
Host: jumpserver
Port: 22
Gleiche Anmeldung wie für X2Go-Server
Gleiches Kennwort wie für X2Go-Server

XFCE

*** Jumpserver Configuration) ***
Jumpserver SSHd Config: /etc/ssh/sshd_config  (CentOS 7)
Ciphers aes128-ctr,aes192-ctr,aes256-ctr

The ciphers are used for strong Encryption. Then access from x2GoClient via 
jumpserver cannot handle this.
--

When the Cipher-Restriction is not configured:
Jumpserver SSHd Confg: (CentOS 7)
#Ciphers aes128-ctr,aes192-ctr,aes256-ctr

then the connection from x2GoClient via jumpserver to Destination X2Go-Server 
does work.


I hope I provided all needed information for you. Let me know if this can be 
patched, or does our Company need to search for other solution.
Thank you.

Best regards,
Marián Schwarcz

___
x2go-dev mailing list
x2go-dev@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-dev

[X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

[X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

Re: [X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

Re: [X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

[X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client

5 matches

Site Navigation

Mail list logo

Footer information