On Sat, Dec 23, 2017 at 10:41 PM, NTMMFTS <jay.x.le...@gmail.com> wrote:
> It appears that libssh2 includes the aes256-cbc key exchange method > supported > by pfSense, so I modded the ssh.c code and let it compile during > installation using hanaciamiento's guacamole install script > (https://sourceforge.net/projects/guacamoleinstallscript/), but guacamole > won't load at all afterwards. > > Here's the code and where I inserted it in ssh.c in the > guac_common_ssh_create_session function: > > /* Open SSH session */ > // existing code > > /* added preferred method for key exchange method supported by > pfSense */ > int returnval = libssh2_session_method_pref(session, > LIBSSH2_METHOD_CRYPT_CS, "aes256-cbc"); > if (returnval != 0) { > guac_client_abort(client, GUAC_PROTOCOL_STATUS_SERVER_ERROR, > "Setting session preferred key exchange method to > AES256-CBC > failed."); > free(common_session); > close(fd); > return NULL; > } > > /* Perform handshake */ > // existing code > First, I don't think this should be necessary to get it working if libssh2 supports that crypt method. I believe it will use any supported method without having to set it as a preferred method, no? That said, setting it as preferred should not impede the connection, either, so this should be fine. > > Anyone want to comment on this approach or try to get it working? > With guacd in debug mode (guacd -L debug), what messages do you see during the SSH connection? Also, when you say it "won't load at all with it afterwards," what does this mean? It segfaults? Or guacd runs but the connection doesn't start? Or sometihng else? -Nick