• Support
  • Articles
  • Resources
  • Products
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 494: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 113: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 113: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 113: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 113: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead

SSH2 to Cisco Router - key verify error @ handle_SSH2_dh_kex

Moderator: boris

22 postsPage 1 of 1

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Tue Oct 17, 2006 2:56 am
Try to connect SSH2 to Cisco rouoer. Connect via SSH2 using TT v 4.46. Get popu window to enter credentials but windows goes away after 2 seconds and another pop up with error message "key verify error @ handle_SSH2_dh_kex_reply()"

Putty and Tera Term by Ayera work okay to connect via SSH.

Contents of ssh2dump.log:

<<<TeraTerm>>>
saved time: 2006/10/16 22:49:05

============================================
name: pure server ID
--------------------------------------------
description: ƒvƒ

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Sun Oct 22, 2006 2:45 pm
Hi,

We fixed invalid free of a memory.
This issue is possibly resolved with above fix.
Could you please try to this test version of ttxssh.dll?
http://www3.akira.ne.jp/~maya/ttxssh.zip

Regards,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Sat Oct 28, 2006 12:09 am
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/
NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Tue Nov 14, 2006 2:32 am
Just tried 4.4.8 and still get the same error.

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Fri Nov 17, 2006 3:29 pm
Hi,

I see. Could you please provide a dump of packet by ethereal/wireshark?

And it shows the error message with error code. Could you please try this?
http://www3.akira.ne.jp/~maya/ttxssh-fix.zip

Thanks,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Tue Nov 21, 2006 5:22 pm
Hi,

TTSSH 2.37 (it is included in Tera Term Pro 4.49) shows
the error code at 'key verify error.'
Could you please let me know it?
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Fri Nov 24, 2006 4:03 am

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Fri Nov 24, 2006 5:38 am
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Fri Nov 24, 2006 8:49 am
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Fri Nov 24, 2006 10:34 pm
Putty release 0.58 on a Windows XP machine works without error.

I have the text version of the wireshark snif of the failed session. It is 1271 lines. I modified the destination to change the public address. Would you like me to post or email?

Configuration information from Cisco 2610XM IOS Version 12.4(5a)
ip ssh time-out 60
ip ssh authentication-retries 2
ip ssh version 2


<<<TeraTerm>>>
saved time: 2006/11/23 23:07:31

============================================
name: pure server ID
--------------------------------------------
description: start protocol version exchange
============================================
00000000 : 5353482D 322E302D 43697363 6F2D312E SSH-2.0-Cisco-1.
00000010 : 32350A 25.



============================================
name: server ID
--------------------------------------------
description: (null)
============================================
00000000 : 5353482D 322E302D 43697363 6F2D312E SSH-2.0-Cisco-1.
00000010 : 3235 25



============================================
name: client ID
--------------------------------------------
description: (null)
============================================
00000000 : 5353482D 322E302D 54545353 482F322E SSH-2.0-TTSSH/2.
00000010 : 33372057 696E3332 37 Win32



============================================
name: KEXINIT
--------------------------------------------
description: exchange algorithm list: receiving
============================================
00000000 : 0D4A65B5 8CB41C1A 7642395F 8A1D6B51 .Je.....vB9_..kQ
00000010 : 0000001A 64696666 69652D68 656C6C6D ....diffie-hellm
00000020 : 616E2D67 726F7570 312D7368 61310000 an-group1-sha1..
00000030 : 00077373 682D7273 61000000 29616573 ..ssh-rsa...)aes
00000040 : 3132382D 6362632C 33646573 2D636263 128-cbc,3des-cbc
00000050 : 2C616573 3139322D 6362632C 61657332 ,aes192-cbc,aes2
00000060 : 35362D63 62630000 00296165 73313238 56-cbc...)aes128
00000070 : 2D636263 2C336465 732D6362 632C6165 -cbc,3des-cbc,ae
00000080 : 73313932 2D636263 2C616573 3235362D s192-cbc,aes256-
00000090 : 63626300 00002B68 6D61632D 73686131 cbc...+hmac-sha1
000000A0 : 2C686D61 632D7368 61312D39 362C686D ,hmac-sha1-96,hm
000000B0 : 61632D6D 64352C68 6D61632D 6D64352D ac-md5,hmac-md5-
000000C0 : 39360000 002B686D 61632D73 6861312C 96...+hmac-sha1,
000000D0 : 686D6163 2D736861 312D3936 2C686D61 hmac-sha1-96,hma
000000E0 : 632D6D64 352C686D 61632D6D 64352D39 c-md5,hmac-md5-9
000000F0 : 36000000 046E6F6E 65000000 046E6F6E 6....none....non
00000100 : 65000000 00000000 00000000 000000 e..............



============================================
name: KEXDH_REPLY
--------------------------------------------
description: key exchange: receiving
============================================
00000000 : 00000057 00000007 7373682D 72736100 ...W....ssh-rsa.
00000010 : 00000301 00010000 004100C1 831B5ADE .........A....Z.
00000020 : CF9878D8 CAB85FB2 CFBFE42B AA77834E ..x..._....+.w.N
00000030 : 5F7E4902 D79D59D3 C6AAB970 6F4EA63C _~I...Y....poN.<
00000040 : E8290A3F 7C3DD510 C8BD1AE9 4F3655C4 .).?|=......O6U.
00000050 : CB55FE7B 91635F98 3BEE6F00 00008047 .U.{.c_.;.o....G
00000060 : 28F37D93 A2AD97E6 E2CA2520 C49A631B (.}.......% ..c.
00000070 : DBCA50EA 84EFE84E 7CF13DC6 C902F980 ..P....N|.=.....
00000080 : 1BDB148E B2F8761F A232676B 1C29D12C ......v..2gk.).,
00000090 : A27F4B6D 55FDA830 5FC9A63A 6402BFFF .KmU..0_..:d...
000000A0 : 49F05A51 6C6D1240 F318B3EF 20B72854 I.ZQlm.@.... .(T
000000B0 : FE8FBE45 7BFA8477 9F83A3C5 A4D8AA8D ...E{..w........
000000C0 : 2001F9FB 47FB8CCE 86C6095F FF42751A ...G......_.Bu.
000000D0 : CF9215F7 B751FFDA 97262E94 038E8D00 .....Q...&......
000000E0 : 00004F00 00000773 73682D72 73610000 ..O....ssh-rsa..
000000F0 : 00402DAE B53C3156 0C18CDB3 9E2179CA .@-..<1V.....!y.
00000100 : A8F499D8 55FA968C C588CA5E 12C62475 ....U......^..$u
00000110 : F65C2873 DBAB49D4 9605CC67 6DAB6334 .\(s..I....gm.c4
00000120 : 569C5BEE 7E775D73 8B9E9B75 592CA089 V.[.~w]s...uY,..
00000130 : E8B700 ...

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Fri Nov 24, 2006 11:46 pm
Hi,

I deleted the code that is checks the key length as a trial.
Is it work fine?
http://ttssh2.sourceforge.jp/snapshot/s ... 061125.zip

Thanks,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Sat Nov 25, 2006 1:56 am
Hi,

I found the description for SSH2 on cisco.
http://www.cisco.com/univercd/cc/td/doc ... t_ssh2.htm
> For SSH Version 2, the modulus size must be at least 768 bits.

It may suggests the SSH2 client should not accept these key.
Your cisco sends 512 bit RSA key to the client.
Could you try to re-generate rsa key on cisco with enough key length?

Thanks,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Sat Nov 25, 2006 4:19 am
Tried various lengths from 768 to 1024. This time I can connect :D to the router but as soon as I enter the first character of the enable password, I am disconnected :( and receive the popup:

Received trucated packet(15 > 5) @ grab_payload() - key size 768
Received trucated packet(17 > 5) @ grab_payload() - key size 768
Received trucated packet(18 > 5) @ grab_payload() - key size 769
Received trucated packet(31 > 5) @ grab_payload() - key size 1024

The " - key size ###" is not part of the popup but just to show what the key size was at the time of the error.

I can enter all other non-enable mode commands and stay connected. Putty works okay with a key size 768.

Switched to SSH V1 and Teraterm 4.49 works great.

SSH Log using SSH V2:

<<<TeraTerm>>>
saved time: 2006/11/23 23:07:31

============================================
name: pure server ID
--------------------------------------------
description: start protocol version exchange
============================================
00000000 : 5353482D 322E302D 43697363 6F2D312E SSH-2.0-Cisco-1.
00000010 : 32350A 25.



============================================
name: server ID
--------------------------------------------
description: (null)
============================================
00000000 : 5353482D 322E302D 43697363 6F2D312E SSH-2.0-Cisco-1.
00000010 : 3235 25



============================================
name: client ID
--------------------------------------------
description: (null)
============================================
00000000 : 5353482D 322E302D 54545353 482F322E SSH-2.0-TTSSH/2.
00000010 : 33372057 696E3332 37 Win32



============================================
name: KEXINIT
--------------------------------------------
description: exchange algorithm list: receiving
============================================
00000000 : 0D4A65B5 8CB41C1A 7642395F 8A1D6B51 .Je.....vB9_..kQ
00000010 : 0000001A 64696666 69652D68 656C6C6D ....diffie-hellm
00000020 : 616E2D67 726F7570 312D7368 61310000 an-group1-sha1..
00000030 : 00077373 682D7273 61000000 29616573 ..ssh-rsa...)aes
00000040 : 3132382D 6362632C 33646573 2D636263 128-cbc,3des-cbc
00000050 : 2C616573 3139322D 6362632C 61657332 ,aes192-cbc,aes2
00000060 : 35362D63 62630000 00296165 73313238 56-cbc...)aes128
00000070 : 2D636263 2C336465 732D6362 632C6165 -cbc,3des-cbc,ae
00000080 : 73313932 2D636263 2C616573 3235362D s192-cbc,aes256-
00000090 : 63626300 00002B68 6D61632D 73686131 cbc...+hmac-sha1
000000A0 : 2C686D61 632D7368 61312D39 362C686D ,hmac-sha1-96,hm
000000B0 : 61632D6D 64352C68 6D61632D 6D64352D ac-md5,hmac-md5-
000000C0 : 39360000 002B686D 61632D73 6861312C 96...+hmac-sha1,
000000D0 : 686D6163 2D736861 312D3936 2C686D61 hmac-sha1-96,hma
000000E0 : 632D6D64 352C686D 61632D6D 64352D39 c-md5,hmac-md5-9
000000F0 : 36000000 046E6F6E 65000000 046E6F6E 6....none....non
00000100 : 65000000 00000000 00000000 000000 e..............



============================================
name: KEXDH_REPLY
--------------------------------------------
description: key exchange: receiving
============================================
00000000 : 00000057 00000007 7373682D 72736100 ...W....ssh-rsa.
00000010 : 00000301 00010000 004100C1 831B5ADE .........A....Z.
00000020 : CF9878D8 CAB85FB2 CFBFE42B AA77834E ..x..._....+.w.N
00000030 : 5F7E4902 D79D59D3 C6AAB970 6F4EA63C _~I...Y....poN.<
00000040 : E8290A3F 7C3DD510 C8BD1AE9 4F3655C4 .).?|=......O6U.
00000050 : CB55FE7B 91635F98 3BEE6F00 00008047 .U.{.c_.;.o....G
00000060 : 28F37D93 A2AD97E6 E2CA2520 C49A631B (.}.......% ..c.
00000070 : DBCA50EA 84EFE84E 7CF13DC6 C902F980 ..P....N|.=.....
00000080 : 1BDB148E B2F8761F A232676B 1C29D12C ......v..2gk.).,
00000090 : A27F4B6D 55FDA830 5FC9A63A 6402BFFF .KmU..0_..:d...
000000A0 : 49F05A51 6C6D1240 F318B3EF 20B72854 I.ZQlm.@.... .(T
000000B0 : FE8FBE45 7BFA8477 9F83A3C5 A4D8AA8D ...E{..w........
000000C0 : 2001F9FB 47FB8CCE 86C6095F FF42751A ...G......_.Bu.
000000D0 : CF9215F7 B751FFDA 97262E94 038E8D00 .....Q...&......
000000E0 : 00004F00 00000773 73682D72 73610000 ..O....ssh-rsa..
000000F0 : 00402DAE B53C3156 0C18CDB3 9E2179CA .@-..<1V.....!y.
00000100 : A8F499D8 55FA968C C588CA5E 12C62475 ....U......^..$u
00000110 : F65C2873 DBAB49D4 9605CC67 6DAB6334 .\(s..I....gm.c4
00000120 : 569C5BEE 7E775D73 8B9E9B75 592CA089 V.[.~w]s...uY,..
00000130 : E8B700 ...



[EOF]

 

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Sat Nov 25, 2006 4:42 am
Debug IP SSH in a Telnet session while trying a second session using SSH V2. Router after successful login:

"Ena" entered and "Password:" prompt given

PUB_2610#
000515: Nov 24 23:37:02.776 est: SSH2 1: ssh_receive: 52 bytes received
000516: Nov 24 23:37:02.776 est: SSH2 1: input: packet len 32
000517: Nov 24 23:37:02.776 est: SSH2 1: partial packet 16, need 16, maclen 20
000518: Nov 24 23:37:02.780 est: SSH2 1: MAC #12 ok
000519: Nov 24 23:37:02.780 est: SSH2 1: input: padlen 17
000520: Nov 24 23:37:02.780 est: SSH2 1: received packet type 94
000521: Nov 24 23:37:02.780 est: SSH2 1: send: len 32 (includes padlen 17)
000522: Nov 24 23:37:02.780 est: SSH2 1: done calc MAC out #14
000523: Nov 24 23:37:02.940 est: SSH2 1: ssh_receive: 52 bytes received
000524: Nov 24 23:37:02.940 est: SSH2 1: input: packet len 32
000525: Nov 24 23:37:02.944 est: SSH2 1: partial packet 16, need 16, maclen 20
000526: Nov 24 23:37:02.944 est: SSH2 1: MAC #13 ok
000527: Nov 24 23:37:02.944 est: SSH2 1: input: padlen 17
000528: Nov 24 23:37:02.944 est: SSH2 1: received packet type 94
000529: Nov 24 23:37:02.944 est: SSH2 1: send: len 32 (includes padlen 17)
000530: Nov 24 23:37:02.948 est: SSH2 1: done calc MAC out #15
000531: Nov 24 23:37:03.064 est: SSH2 1: ssh_receive: 52 bytes received
000532: Nov 24 23:37:03.068 est: SSH2 1: input: packet len 32
000533: Nov 24 23:37:03.068 est: SSH2 1: partial packet 16, need 16, maclen 20
000534: Nov 24 23:37:03.068 est: SSH2 1: MAC #14 ok
000535: Nov 24 23:37:03.068 est: SSH2 1: input: padlen 17
000536: Nov 24 23:37:03.068 est: SSH2 1: received packet type 94
000537: Nov 24 23:37:03.072 est: SSH2 1: send: len 32 (includes padlen 17)
000538: Nov 24 23:37:03.072 est: SSH2 1: done calc MAC out #16
000539: Nov 24 23:37:03.321 est: SSH2 1: ssh_receive: 52 bytes received
000540: Nov 24 23:37:03.325 est: SSH2 1: input: packet len 32
000541: Nov 24 23:37:03.325 est: SSH2 1: partial packet 16, need 16, maclen 20
000542: Nov 24 23:37:03.325 est: SSH2 1: MAC #15 ok
000543: Nov 24 23:37:03.325 est: SSH2 1: input: padlen 17
000544: Nov 24 23:37:03.325 est: SSH2 1: received packet type 94
000545: Nov 24 23:37:03.329 est: SSH2 1: send: len 32 (includes padlen 16)
000546: Nov 24 23:37:03.329 est: SSH2 1: done calc MAC out #17
000547: Nov 24 23:37:03.333 est: SSH2 1: send: len 32 (includes padlen 8)
000548: Nov 24 23:37:03.333 est: SSH2 1: done calc MAC out #18


First character of enable password entered:

000549: Nov 24 23:37:14.711 est: SSH2 1: ssh_receive: 52 bytes received
000550: Nov 24 23:37:14.711 est: SSH2 1: input: packet len 32
000551: Nov 24 23:37:14.711 est: SSH2 1: partial packet 16, need 16, maclen 20
000552: Nov 24 23:37:14.715 est: SSH2 1: MAC #16 ok
000553: Nov 24 23:37:14.715 est: SSH2 1: input: padlen 17
000554: Nov 24 23:37:14.715 est: SSH2 1: received packet type 94
000555: Nov 24 23:37:14.715 est: SSH2 1: send: len 16 (includes padlen 6)
000556: Nov 24 23:37:14.715 est: SSH2 1: done calc MAC out #19
000557: Nov 24 23:37:14.767 est: SSH2 1: ssh_receive: 36 bytes received
000558: Nov 24 23:37:14.771 est: SSH2 1: input: packet len 16
000559: Nov 24 23:37:14.771 est: SSH2 1: partial packet 16, need 0, maclen 20
000560: Nov 24 23:37:14.771 est: SSH2 1: MAC #17 ok
000561: Nov 24 23:37:14.771 est: SSH2 1: input: padlen 6
000562: Nov 24 23:37:14.771 est: SSH2 1: received packet type 97
000563: Nov 24 23:37:14.775 est: SSH2 1: send: len 48 (includes padlen 18)
000564: Nov 24 23:37:14.775 est: SSH2 1: done calc MAC out #20
000565: Nov 24 23:37:14.880 est: SSH1: Session disconnected - error 0x07

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Sun Nov 26, 2006 5:06 am
Hi,

Thank you for your testing.
I feel it's good about first problem(key length) was solved.

Now we are meeting other problem. The cisco's log shows it's TTSSH bug.
But it is difficult to check for me, because this problem occurs at
after encryption is started. Then packet capture and ssh2dump.log
is not useful. I want to watch the memory(variable) of working TTSSH
on debbuger, but it is unacceptable because topical cisco is yours.

I want to know what is received when entering enable mode, and what
function calls grab_payload(). Would you please set LogLevel=100 in
section [TTSSH] on teraterm.ini, and please let me know log of TTSSH.LOG.
This dll outputs above informations.
http://www3.akira.ne.jp/~maya/ttxssh-debug-cisco.zip

Thanks,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Sun Nov 26, 2006 5:15 pm
Using modified ttxssh.dll and SSH logging=100

---------------------------------------------------------------------
Initiating SSH session at Sun Nov 26 12:13:17 2006
Received server prologue string: SSH-2.0-Cisco-1.25
SSH2_MSG_KEXINIT was sent
SSH2_MSG_KEXINIT is receiving
SSH2_MSG_KEXDH_INIT was sent
SSH2_MSG_KEXDH_REPLY is receiving
SSH2_MSG_NEWKEYS was sent to server.
SSH2_MSG_NEWKEYS is received(DH key generation is completed).
Server reports supported authentication method mask = 44
Entering secure mode
SSH2_MSG_SERVICE_REQUEST was sent.
SSH2_MSG_SERVICE_ACCEPT is received.
SSH2_MSG_USERAUTH_REQUEST was sent(method 3)
User authentication is successful and SSH heartbeat thread is starting.
SSH2_MSG_CHANNEL_OPEN was sent.
SSH2_MSG_CHANNEL_REQUEST was sent at handle_SSH2_open_confirm().
SSH2_MSG_CHANNEL_SUCCESS is received(nego_status 1).
SSH2_MSG_CHANNEL_REQUEST was sent at handle_SSH2_channel_success().
SSH2_MSG_CHANNEL_SUCCESS is received(nego_status 2).
handle_ignore()
grab_payload(), num_bytes=4, in_buffer=5, pvar->ssh_state.payload_grabbed=5
grab_payload(), num_bytes=19, in_buffer=5, pvar->ssh_state.payload_grabbed=24
Received truncated packet (24 > 5) @ grab_payload()
Terminating SSH session...

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Mon Nov 27, 2006 12:28 pm
Hi,

Thank you for your reporting.
Could you please let me know TTSSH.LOG after SSH2_MSG_CHANNEL_SUCCESS ?
http://www3.akira.ne.jp/~maya/ttxssh-debug-cisco2.zip

Thanks,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Mon Nov 27, 2006 2:25 pm
Hi,

I maked more modified dll. It outputs packet dump to ssh2dump.log.
Would you please let me know ssh2dump.log and TTSSH.LOG after 'enable' ?
http://www3.akira.ne.jp/~maya/ttxssh-debug-cisco3.zip

Thanks,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Mon Nov 27, 2006 11:39 pm
TTSSH.LOG
-------------
prep_packet(), len=28
prep_packet(), already_decrypted=16
prep_packet() after decrypt, pvar->ssh_state.payloadlen=10
prep_packet() not decompress, pvar->ssh_state.payloadlen=10
prep_packet(), len=28
prep_packet(), already_decrypted=16
prep_packet() after decrypt, pvar->ssh_state.payloadlen=10
prep_packet() not decompress, pvar->ssh_state.payloadlen=10
prep_packet(), len=28
prep_packet(), already_decrypted=16
prep_packet() after decrypt, pvar->ssh_state.payloadlen=10
prep_packet() not decompress, pvar->ssh_state.payloadlen=10
prep_packet(), len=28
prep_packet(), already_decrypted=16
prep_packet() after decrypt, pvar->ssh_state.payloadlen=11
prep_packet() not decompress, pvar->ssh_state.payloadlen=11
prep_packet(), len=28
prep_packet(), already_decrypted=16
prep_packet() after decrypt, pvar->ssh_state.payloadlen=19
prep_packet() not decompress, pvar->ssh_state.payloadlen=19
prep_packet(), len=12
prep_packet(), already_decrypted=16
prep_packet() after decrypt, pvar->ssh_state.payloadlen=5
prep_packet() not decompress, pvar->ssh_state.payloadlen=5
handle_ignore()
grab_payload(), num_bytes=4, in_buffer=5, pvar->ssh_state.payload_grabbed=5
grab_payload(), num_bytes=5, in_buffer=5, pvar->ssh_state.payload_grabbed=10
Received truncated packet (10 > 5) @ grab_payload()
Terminating SSH session...


----------------

ssh2dump.log
----------------
<<<TeraTerm>>>
saved time: 2006/11/27 18:37:10

============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: (null)
--------------------------------------------
description: (null)
============================================



============================================
name: prep_packet
--------------------------------------------
description: start
============================================
00000000 : 06020000 0005B2D0 5288102E ........R...



============================================
name: prep_packet
--------------------------------------------
description: after decrypt
============================================
00000000 : 02000000 05 .....



============================================
name: prep_packet
--------------------------------------------
description: not decompress
============================================
00000000 : 00000005 B2 .....



[EOF]

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Tue Nov 28, 2006 1:04 pm
Hi,

We maybe fixed this issue.
Would you please check this dll?
http://www3.akira.ne.jp/~maya/ttxssh-debug-cisco4.zip

Thanks,
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/

 

NeverOutofTune
Newbie

Posts:
23
Joined: Tue Sep 13, 2005 2:53 pm
by NeverOutofTune » Wed Nov 29, 2006 6:06 am
:D This fixed the problem! I confirmed with a Cisco 2600XM and a Cisco 7206 router that both experienced the same problem.

Thank you very much for developing and supporting Tera Term.

 

maya
TeraTerm Developer

Posts:
177
Joined: Mon Sep 11, 2006 1:09 pm
by maya » Wed Nov 29, 2006 6:50 am
Hi,

I appreciate your long-term cooperation. :)
This fix will be included to next release.
Best regards,
NAGATA Shinya
http://ttssh2.sourceforge.jp/
Display posts from previous:
Sort by:

22 postsPage 1 of 1

Users browsing this forum: No registered users
cron