• Support
  • Articles
  • Resources
  • Products

Autoconnect

Moderator: boris

  • 1
  • 2

29 postsPage 1 of 2

Juju
by Juju » Tue May 24, 2005 10:27 am
Hi everybody,

First thanks to yutaka for going on devlopping on the TTERM project and to boris for answering for often to everybody's question.

So here a small question:

Iwant to make a TTL script to autologin on a firewall with no login/passwd but only public/private key file.

Is it possible ?
Can i Use putygen ? Wich kind of key to I generate DSA / RSA ?

What is the FULL exact syntax : connect x.x.x.x:22 /ssh2 etc...

Thanks in advance !

Juju :wink:

 

Yutaka Hirata
TeraTerm Developer

Posts:
596
Joined: Wed Jan 12, 2005 2:35 pm
by Yutaka Hirata » Wed May 25, 2005 3:01 pm
Hi,

TeraTerm 4.15 can support auto-login with public key authentication.

Example:
ttermpro.exe 192.168.1.3:22 /ssh /auth=publickey /user=yutaka /passwd=foo /keyfile=id_rsa
Best regards, Yutaka Hirata
(yutakakn at gmail.com)
http://hp.vector.co.jp/authors/VA013320/

 

juju
by juju » Wed Jun 01, 2005 2:13 pm
thanks but it's not exactly what I want to do.

I want to do this from MACRO file.

And where to you enter your passphrase ? :roll:

Thanks a lot
juju
by juju » Wed Jun 01, 2005 2:45 pm
In fact the problem come from TeraTERM which refuse to read my private key.

I try ti generate with puttygen or Openssh 3.5 without success.

With OPENSSH i have this error

ASN1_CHECK_TLEN: Wrong TAG

My identity file look like that
-----BEGIN DSA PRIVATE KEY-----
AAAAFQCKR62x2nmhDzDOOnWMA0sx25PEDQ
...
...
...
-----END DSA PRIVATE KEY-----

 

Yutaka Hirata
TeraTerm Developer

Posts:
596
Joined: Wed Jan 12, 2005 2:35 pm
by Yutaka Hirata » Wed Jun 01, 2005 3:19 pm
Hi,

I upload your wanted macro in the following site:

http://sleep.mat-yan.jp/~yutaka/windows ... 2login.ttl
Best regards, Yutaka Hirata
(yutakakn at gmail.com)
http://hp.vector.co.jp/authors/VA013320/
juju
by juju » Wed Jun 01, 2005 3:44 pm
Thnak Yutaka, your cute :lol:

In fact you can forget my previous question.

I generate key with TeraTERM. It looks like the same than openSSH...

Ok here the problem I get.

I successfully log into my device, but Ihave a blank windows wich closed as soon as I strike one key.

Here the TTSSHLOG:

---------------------------------------------------------------------
Initiating SSH session at Wed Jun 01 17:35:25 2005
Received server prologue string: SSH-2.0-NetScreen
SSH2_MSG_KEXINIT was sent
SSH2_MSG_KEXINIT is receiving
SSH2_MSG_KEXDH_INIT was sent
SSH2_MSG_NEWKEYS is received(DH key generation is completed).
Server reports supported authentication method mask = 44
Entering secure mode
SSH2_MSG_SERVICE_REQUEST was sent.
SSH2_MSG_SERVICE_ACCEPT is received.
SSH2_MSG_USERAUTH_REQUEST was sent(method 2)
User authentication is successful and SSH heartbeat thread is starting.
SSH2_MSG_CHANNEL_OPEN was sent.
SSH2_MSG_CHANNEL_REQUEST was sent at handle_SSH2_open_confirm().
SSH2_MSG_CHANNEL_SUCCESS is received(nego_status 1).
SSH2_MSG_CHANNEL_REQUEST was sent at handle_SSH2_channel_success().
SSH2_MSG_CHANNEL_SUCCESS is received(nego_status 2).
Terminating SSH session...


Here my macro script
connect '10.186.10.146:22 /ssh /auth=publickey /user=admin /passwd=toto /keyfile=id_dsa'


Thanks for your help

 

Yutaka Hirata
TeraTerm Developer

Posts:
596
Joined: Wed Jan 12, 2005 2:35 pm
by Yutaka Hirata » Thu Jun 02, 2005 3:52 pm
Hi,

Q1.
Can you successfully login to NetScreen server without TeraTerm macro?

Q2.
If NetScreen server log can be retrieved, please show me the log.
Best regards, Yutaka Hirata
(yutakakn at gmail.com)
http://hp.vector.co.jp/authors/VA013320/
juju
by juju » Fri Jun 03, 2005 8:48 am
Hi Yutaka,

Q1: Yes and no:
YES: I can log successfully with /password type, MAcro or with Teraterm directly
NO: Ican't log successfully with publickey, Macro or with Teraterm directly

Here the log of the server:
With password (success):
10:40:52 Admin user netscreen has logged on via SSH from 10.186.9.176:3616
10:40:52 SSH: Password authentication successful for admin user 'admin' at host 10.186.9.176

With publickey (unsuccess):
SSH: PKA authentication successful for admin user '' at host 10.186.9.176.
....
nothing else
:roll:
juju
by juju » Fri Jun 03, 2005 9:08 am
Sorry I made a mistake, i got much more detail log of the netscreen ssh server.

I lauchn TeraTerm, enter IP/login/passphrase and the private key and I got a blank windows. I wait 10 sec, When I strike a key the windows gone.

Here the log of the ssh server :
## 11:03:20 : SSH: >>> ssh_accept_connection()
## 11:03:20 : SSH: <<< ssh_accept_connection() = 0
## 11:03:20 : SSH: >>> ssh_accept_connection()
## 11:03:20 : SSH: <<< ssh_accept_connection() = 0
## 11:03:23 : SSH: >>> ssh_accept_connection()
## 11:03:23 : SSH: <<< ssh_accept_connection() = 0
## 11:03:25 : SSH: >>> ssh_accept_connection()
## 11:03:25 : SSH: <<< ssh_accept_connection() = 3846
## 11:03:25 : --- send_init_string()
## 11:03:25 : SSH state trans: SSH_STATE_FREE(0) -> SSH_STATE_INIT(1)
## 11:03:25 : SSH netio: recv(s=24, l=64) = 25
## 11:03:25 : SSH: >>> process_init_string()
## 11:03:25 : SSH: --- process_init_string() init_string='SSH-2.0-TTSSH/2.14 Win32
' : bytes=25
## 11:03:25 : SSH: >>> ssh_remove_cr_nl(str=0x0663f0c0)
## 11:03:25 : SSH: --- ssh_remove_cr_nl() : nl=0x0663f0d8 : cr=0x00000000 : nl_len=24 : cr_len=0
## 11:03:25 : SSH: <<< ssh_remove_cr_nl(*bytes_removed=1) = 24
## 11:03:25 : SSH: <<< process_init_string() = 1
## 11:03:25 : SSH state trans: SSH_STATE_INIT(1) -> SSH_STATE_SEND_NEG(2)
## 11:03:25 : SSH message: OUT - SSH_MSG_KEXINIT(20)
## 11:03:25 : SSH netio: send(s=24, l=152) = 152
## 11:03:25 : SSH netio: send(24,,152,) = 152
## 11:03:25 : SSH: >>> ssh_remove_cr_nl(str=0x066082f0)
## 11:03:25 : SSH: --- ssh_remove_cr_nl() : nl=0x06608302 : cr=0x06608301 : nl_len=18 : cr_len=17
## 11:03:25 : SSH: <<< ssh_remove_cr_nl(*bytes_removed=2) = 17
## 11:03:25 : SSH state trans: SSH_STATE_SEND_NEG(2) -> SSH_STATE_RECV_NEG(3)
## 11:03:26 : SSH netio: recv(s=24, l=64) = 64
## 11:03:26 : SSH: >>> process_binary_frame()
## 11:03:26 : SSH: --- process_binary_frame() : buf_len=64 : packet_len=260
## 11:03:26 : SSH: <<< process_binary_frame() = 0
## 11:03:26 : extending recv() buffer
## 11:03:26 : SSH netio: recv(s=24, l=128) = 128
## 11:03:26 : SSH: >>> process_binary_frame()
## 11:03:26 : SSH: --- process_binary_frame() : buf_len=192 : packet_len=260
## 11:03:26 : SSH: <<< process_binary_frame() = 0
## 11:03:26 : extending recv() buffer
## 11:03:26 : SSH netio: recv(s=24, l=128) = 72
## 11:03:26 : SSH: >>> process_binary_frame()
## 11:03:26 : SSH: --- process_binary_frame() : buf_len=264 : packet_len=260
## 11:03:26 : SSH: --- process_binary_frame() : padding_len =11 : message_type=20
## 11:03:26 : SSH message: IN - SSH_MSG_KEXINIT(20)
## 11:03:26 : SSH: <<< process_binary_frame() = 1
## 11:03:26 : --- process_kex_neg()
## 11:03:26 : SSH state trans: SSH_STATE_RECV_NEG(3) -> SSH_STATE_RECV_DH_KEX(5)
## 11:03:26 : SSH netio: recv(s=24, l=320) = 144
## 11:03:26 : SSH: >>> process_binary_frame()
## 11:03:26 : SSH: --- process_binary_frame() : buf_len=144 : packet_len=140
## 11:03:26 : SSH: --- process_binary_frame() : padding_len =6 : message_type=30
## 11:03:26 : SSH message: IN - SSH_MSG_KEXDH_INIT(30)
## 11:03:26 : SSH: <<< process_binary_frame() = 1
## 11:03:26 : SSH message: OUT - SSH_MSG_KEXDH_REPLY(31)
## 11:03:26 : SSH state trans: SSH_STATE_RECV_DH_KEX(5) -> SSH_STATE_SEND_DH_KEX(4)
## 11:03:26 : SSH netio: send(s=24, l=640) = 640
## 11:03:26 : SSH netio: send(24,,640,) = 640
## 11:03:26 : SSH state trans: SSH_STATE_SEND_DH_KEX(4) -> SSH_STATE_SEND_NEW_KEYS(7)
## 11:03:26 : SSH netio: recv(s=24, l=320) = 16
## 11:03:26 : SSH message: OUT - SSH_MSG_NEWKEYS(21)
## 11:03:26 : SSH netio: send(s=24, l=16) = 16
## 11:03:26 : SSH netio: send(24,,16,) = 16
## 11:03:26 : SSH state trans: SSH_STATE_SEND_NEW_KEYS(7) -> SSH_STATE_RECV_NEW_KEYS(6)
## 11:03:26 : SSH: >>> process_binary_frame()
## 11:03:26 : SSH: --- process_binary_frame() : buf_len=16 : packet_len=12
## 11:03:26 : SSH: --- process_binary_frame() : padding_len =10 : message_type=21
## 11:03:26 : SSH message: IN - SSH_MSG_NEWKEYS(21)
## 11:03:26 : SSH: <<< process_binary_frame() = 1
## 11:03:26 : SSH state trans: SSH_STATE_RECV_NEW_KEYS(6) -> SSH_STATE_CONNECTING(8)
## 11:03:26 : SSH: >>> ssh_accept_connection()
## 11:03:26 : SSH: <<< ssh_accept_connection() = 0
## 11:03:29 : SSH: >>> ssh_accept_connection()
## 11:03:29 : SSH: <<< ssh_accept_connection() = 0
## 11:03:32 : SSH: >>> ssh_accept_connection()
## 11:03:32 : SSH: <<< ssh_accept_connection() = 0
## 11:03:34 : SSH netio: recv(s=24, l=320) = 52
## 11:03:34 : SSH message: IN - SSH_MSG_SERVICE_REQUEST(5)
## 11:03:34 : SSH message: OUT - SSH_MSG_SERVICE_ACCEPT(6)
## 11:03:34 : SSH netio: send(s=24, l=52) = 52
## 11:03:34 : SSH netio: send(24,,52,) = 52
## 11:03:34 : SSH netio: recv(s=24, l=320) = 320
## 11:03:34 : extending recv() buffer
## 11:03:34 : SSH netio: recv(s=24, l=128) = 128
## 11:03:34 : extending recv() buffer
## 11:03:34 : SSH netio: recv(s=24, l=128) = 128
## 11:03:34 : extending recv() buffer
## 11:03:34 : SSH netio: recv(s=24, l=128) = 12
## 11:03:34 : SSH message: IN - SSH_MSG_USERAUTH_REQUEST(50)
## 11:03:34 : SSH auth: >>> process_auth_request(ip=10.186.9.176, port=3690)
## 11:03:34 : SSH auth: --- process_auth_request() : admin=netscreen service=ssh-connection method=publickey
## 11:03:34 : SSH auth: --- process_auth_request(): auth_req=1 alg='ssh-dss'
## 11:03:34 : SSH auth: >>> ssh_pka_auth(name=netscreen, auth_req=1)
## 11:03:34 : SSH key: >>> sshv2_pka_query_pka_key(vsys=Root, name=netscreen, type=1, index=1) : sys_up_sec=1954
## 11:03:34 : SSH key: >>> sshv2_pki_req_query_pka_key(vsys=Root, name=netscreen, key_type=1)
## 11:03:34 : SSH key: <<< sshv2_pki_req_query_pka_key() = 1
## 11:03:34 : SSH key: >>> sshv2_pki_recv_query_pka_key(*ssh_key=00000000)
## 11:03:34 : SSH key: --- sshv2_pki_recv_query_pka_key() : vsys=Root : count=1
## 11:03:34 : SSH key: <<< sshv2_pki_recv_query_pka_key(*ssh_key=066077c0) = 1 (found=1)
## 11:03:34 : SSH key: <<< sshv2_pka_query_pka_key() = ssh_key=066077c0{type=1} : sys_up_sec=1954
## 11:03:34 : SSH auth: >>> ssh_key_verify(key_type=1, signaturelen=55, datalen=518)
## 11:03:34 : SSH auth: <<< ssh_key_verify() = 1
## 11:03:34 : SSH auth: <<< ssh_pka_auth() = 1
## 11:03:34 : SSH message: OUT - SSH_MSG_USERAUTH_SUCCESS(52)
## 11:03:34 : SSH netio: send(s=24, l=36) = 36
## 11:03:34 : SSH netio: send(24,,36,) = 36
## 11:03:34 : SSH auth: <<< process_auth_request(aaid=0) = 1
## 11:03:34 : SSH netio: recv(s=24, l=704) = 60
## 11:03:34 : SSH message: IN - SSH_MSG_CHANNEL_OPEN(90)
## 11:03:34 : --- process_channel_open()
## 11:03:34 : SSH message: OUT - SSH_MSG_CHANNEL_OPEN_CONFIRMATION(91)
## 11:03:34 : SSH netio: send(s=24, l=52) = 52
## 11:03:34 : SSH netio: send(24,,52,) = 52
## 11:03:34 : SSH netio: recv(s=24, l=704) = 76
## 11:03:34 : SSH message: IN - SSH_MSG_CHANNEL_REQUEST(98)
## 11:03:34 : SSH conn: >>> process_channel_request()
## 11:03:34 : SSH conn: channel_id=6, request_type_name=pty-req, want_reply=0
## 11:03:34 : SSH conn: <<< process_channel_request() = 0
## 11:03:34 : SSH netio: recv(s=24, l=704) = 44
## 11:03:34 : SSH message: IN - SSH_MSG_CHANNEL_REQUEST(98)
## 11:03:34 : SSH conn: >>> process_channel_request()
## 11:03:34 : SSH conn: channel_id=6, request_type_name=shell, want_reply=0
## 11:03:34 : SSH conn: >>> ssh_create_shell()
## 11:03:34 : SSH conn: <<< ssh_create_shell() = 1
## 11:03:34 : >>> ssh_2nd_console_authentication(un='', vsys='Root')
## 11:03:34 : <<< ssh_2nd_console_authentication(aaid=0) = 0
## 11:03:34 : SSH conn: <<< process_channel_request() = 0
## 11:03:35 : SSH: >>> ssh_accept_connection()
## 11:03:35 : SSH: <<< ssh_accept_connection() = 0
## 11:03:38 : SSH: >>> ssh_accept_connection()
## 11:03:38 : SSH: <<< ssh_accept_connection() = 0
## 11:03:41 : SSH: >>> ssh_accept_connection()
## 11:03:41 : SSH: <<< ssh_accept_connection() = 0
## 11:03:43 : SSH netio: recv(s=24, l=704) = 44
## 11:03:43 : SSH message: IN - SSH_MSG_CHANNEL_DATA(94)
## 11:03:43 : SSH state trans: SSH_STATE_CONNECTING(8) -> SSH_STATE_CLOSE(99)
## 11:03:43 : SSH conn: >>> ssh_free_shell()
## 11:03:43 : SSH conn: <<< ssh_free_shell()
## 11:03:43 : SSH state trans: SSH_STATE_FREE(0) -> SSH_STATE_FREE(0)


regards

Juju
juju
by juju » Fri Jun 03, 2005 9:11 am
As you see, I use user : "netscreen".

In the log the smiley have been inserted instead of 8 and ) =>8 ) without space between eight and )

 

boris
Moderator, LogMeTT and TTLEditor developer

Posts:
1577
Joined: Sat Jan 08, 2005 2:52 pm
by boris » Fri Jun 03, 2005 12:06 pm
Hi Juju,

There is an option 'Disable Smilies in this post' that you can use while posting your messages. Registered users of this forum can also go back and modify their earlier posted messages if needed. Registration if free and actually requires only to choose user name and password you will use.

I updated your last posting and it is free from smilies now.
Thanks.
Best regards,
Boris
juju
by juju » Fri Jun 03, 2005 12:41 pm
Thanks thousand times boris ! :wink:

 

Yutaka Hirata
TeraTerm Developer

Posts:
596
Joined: Wed Jan 12, 2005 2:35 pm
by Yutaka Hirata » Mon Jun 06, 2005 3:57 pm
Hi juju,

## 11:03:43 : SSH netio: recv(s=24, l=704) = 44
## 11:03:43 : SSH message: IN - SSH_MSG_CHANNEL_DATA(94)
## 11:03:43 : SSH state trans: SSH_STATE_CONNECTING(8) -> SSH_STATE_CLOSE(99)
## 11:03:43 : SSH conn: >>> ssh_free_shell()
## 11:03:43 : SSH conn: <<< ssh_free_shell()
## 11:03:43 : SSH state trans: SSH_STATE_FREE(0) -> SSH_STATE_FREE(0)


Did you enter the key between SSH_MSG_CHANNEL_DATA and SSH_STATE_CONNECTING in TeraTerm window?
Also can you login to the server with PuTTY or OpenSSH?

Thanks.
Best regards, Yutaka Hirata
(yutakakn at gmail.com)
http://hp.vector.co.jp/authors/VA013320/

 

juju
by juju » Mon Jun 06, 2005 4:56 pm
Hi yutaka,

First question:
I dont understand well the question. In fact I use the teraterm windows. I fill all fields: Username, passphrase and private key and I click OK !
And so I have a blank windows. When I made a mistake on the password for the passphrase i have an error message. That's mean I fill correctly all the fields !

Second question: Yes with Putty it's work and with OpensSH too.

 

mekanik
Newbie

Posts:
11
Joined: Mon Jun 06, 2005 8:50 pm
by mekanik » Mon Jun 06, 2005 9:12 pm
To get started, thanks to Yutaka / Boris for their contributions to the existing Tera Term package.

Now to add my $0.02 to the penny pile. I used to use autoconnect sessions to SSH1 enable nodes using the old TTSSH package using a private-key with no problems. With TTSSH2, I'm not able to accomplish this to the same node running an SSH2 daemon. There appears to be a negotiation failure of the keys during the authentication process. Just my thoughts.

-mekanik

 

Guest
by Guest » Tue Jun 07, 2005 12:12 pm
I should also add that I've tested this with PuTTY and the SSH client from ssh.com and was able to successfully autoconnect to the SSH2 node using public-key auth.

I've tried with TTSSH2 by pre-configuring my TERATERM.ini file, from the command line and by filling in the fields and it still fails.

**NOTE**: I also did not set a passphrase on my key-pair, so all I have to do, is send a username and my private-key and I should be able to autoconnect like PuTTY and the SSH (ssh.com) client.

-mekanik

 

mekanik
Newbie

Posts:
11
Joined: Mon Jun 06, 2005 8:50 pm
by mekanik » Tue Jun 07, 2005 12:19 pm
Anonymous wrote:I should also add that I've tested this with PuTTY and the SSH client from ssh.com and was able to successfully autoconnect to the SSH2 node using public-key auth.

I've tried with TTSSH2 by pre-configuring my TERATERM.ini file, from the command line and by filling in the fields and it still fails.

**NOTE**: I also did not set a passphrase on my key-pair, so all I have to do, is send a username and my private-key and I should be able to autoconnect like PuTTY and the SSH (ssh.com) client.

-mekanik


I forgot to login prior to posting. Sorry.

 

mekanik
Newbie

Posts:
11
Joined: Mon Jun 06, 2005 8:50 pm
by mekanik » Tue Jun 07, 2005 1:14 pm
Here is the error that I'm receiving when I'm trying to use publickey auth. This is the same whether I fill in the privatekey field or put it in the TERATERM.ini file.
read error SSH2 private key file
error:0906D06C:PEM routines:PEM_read_bio:no start line


I get the error message on keys with the following format:

Code: Select all

---- BEGIN SSH2 ENCRYPTED PRIVATE KEY ----
Subject: <username>
Comment: <comment info>
[-=- key info removed -=-]
---- END SSH2 ENCRYPTED PRIVATE KEY ----


-mekanik

 

Yutaka Hirata
TeraTerm Developer

Posts:
596
Joined: Wed Jan 12, 2005 2:35 pm
by Yutaka Hirata » Tue Jun 07, 2005 3:33 pm
Hi,

I think that it is difficult to solve this problem. I will try to think the result of this problem. Please wait a moment.
Best regards, Yutaka Hirata
(yutakakn at gmail.com)
http://hp.vector.co.jp/authors/VA013320/

 

mekanik
Newbie

Posts:
11
Joined: Mon Jun 06, 2005 8:50 pm
by mekanik » Wed Jun 08, 2005 2:21 am
Yutaka Hirata wrote:Hi,

I think that it is difficult to solve this problem. I will try to think the result of this problem. Please wait a moment.


TTSSH1 supported public-key auth with no problems. Can you take a look at the TTSSH1 source under the "ttxssh" directory to see if that can help? Or is it that TTSSH1 and TTSSH2 are totally different implemtations that it won't help? Thanks Yutaka.

-mekanik

 

mekanik
Newbie

Posts:
11
Joined: Mon Jun 06, 2005 8:50 pm
by mekanik » Wed Jun 08, 2005 12:18 pm
Yutaka, I've done some more testing and I've re-formatted my private-key to the format that TeraTerm generates the keys in. I then tried to use publickey auth and it appears that TeraTerm choked on my key length. The following is the error message that I receive:

Code: Select all

read error SSH2 private key file
error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long


I usually generate pretty large keys. I checked and found that the number of lines in the TeraTerm generated key is 16lines (this includes the blank line at the end). My number of lines in my key is 40lines (this includes the blank line at the end).

This may help with the debugging.

-mekanik
juju
by juju » Fri Jun 10, 2005 3:20 pm
Hi yutaka,

Have you some news to my problem ? :(

Do you need more logs ? :roll:

Thanks for helping me :cry:

 

Yutaka Hirata
TeraTerm Developer

Posts:
596
Joined: Wed Jan 12, 2005 2:35 pm
by Yutaka Hirata » Fri Jun 10, 2005 4:29 pm
Hi JuJu,

I am sorry for not replying you.
Now I am investigating TeraTerm source code to solve your problem. I think that the investigation is too long time.
Best regards, Yutaka Hirata
(yutakakn at gmail.com)
http://hp.vector.co.jp/authors/VA013320/
juju
by juju » Mon Jun 13, 2005 9:20 am
Hi yuitaka,

Thanks for trying to solve my problem.

If you need anything, ask me, i would be happy to help you :o

juju :wink:

 

mekanik
Newbie

Posts:
11
Joined: Mon Jun 06, 2005 8:50 pm
by mekanik » Thu Jun 30, 2005 2:19 am
Yutaka,

Have you been able to find out any additional information in regards to using public-key auth and why it fails with the error messages that I've provided? Regards,

-mekanik
Display posts from previous:
Sort by:
  • 1
  • 2

29 postsPage 1 of 2

Users browsing this forum: No registered users