russh
russh copied to clipboard
Published
20 hours ago •
warp-tech
warp-tech
Curve25519 kex panic
I replied below this issue, but since the issue has been closed,I am worried that no one will see it, so I opened this issue.
This is extremely strange since it looks like it's trying to use curve25519 KEX even though DH-group14-sha1 was negotiated. I'll release the latest code state as a new beta just in case.
Published as
v0.34.0-beta.9
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] read_ssh_id: reading
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] read 256
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] Err(Utf8Error { valid_up_to: 33, error_len: Some(1) })
[2022-08-16T12:36:01Z DEBUG russh::cipher] writing, seqn = 0
[2022-08-16T12:36:01Z DEBUG russh::cipher] padding length 5
[2022-08-16T12:36:01Z DEBUG russh::cipher] packet_length 692
[2022-08-16T12:36:01Z DEBUG russh::client] writing 696 bytes
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] id 256 26
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] read () bytes from id.buf
[2022-08-16T12:36:01Z DEBUG russh::cipher] reading, len = [0, 0, 1, 76]
[2022-08-16T12:36:01Z DEBUG russh::cipher] reading, seqn = 0
[2022-08-16T12:36:01Z DEBUG russh::cipher] reading, clear len = 332
[2022-08-16T12:36:01Z DEBUG russh::cipher] read_exact 336
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] id 256 30
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] read () bytes from id.buf
[2022-08-16T12:36:01Z DEBUG russh::ssh_read] id 256 256
[2022-08-16T12:36:01Z DEBUG russh::cipher] read_exact done
[2022-08-16T12:36:01Z DEBUG russh::cipher] reading, padding_length 8
[2022-08-16T12:36:01Z DEBUG russh::client::kex] client parse 323 [20, 95, 143, 187, 181, 51, 96, 226, 98, 207, 206, 182, 230, 181, 195, 211, 40, 0, 0, 0, 80, 100, 105, 102, 102, 105, 101, 45, 104, 101, 108, 108, 109, 97, 110, 45, 103, 114, 111, 117, 112, 49, 45, 115, 104, 97, 49, 44, 100, 105, 102, 102, 105, 101, 45, 104, 101, 108, 108, 109, 97, 110, 45, 103, 114, 111, 117, 112, 49, 52, 45, 115, 104, 97, 49, 44, 107, 101, 120, 103, 117, 101, 115, 115, 50, 64, 109, 97, 116, 116, 46, 117, 99, 99, 46, 97, 115, 110, 46, 97, 117, 0, 0, 0, 15, 115, 115, 104, 45, 114, 115, 97, 44, 115, 115, 104, 45, 100, 115, 115, 0, 0, 0, 61, 97, 101, 115, 49, 50, 56, 45, 99, 116, 114, 44, 51, 100, 101, 115, 45, 99, 116, 114, 44, 97, 101, 115, 50, 53, 54, 45, 99, 116, 114, 44, 97, 101, 115, 49, 50, 56, 45, 99, 98, 99, 44, 51, 100, 101, 115, 45, 99, 98, 99, 44, 97, 101, 115, 50, 53, 54, 45, 99, 98, 99, 0, 0, 0, 61, 97, 101, 115, 49, 50, 56, 45, 99, 116, 114, 44, 51, 100, 101, 115, 45, 99, 116, 114, 44, 97, 101, 115, 50, 53, 54, 45, 99, 116, 114, 44, 97, 101, 115, 49, 50, 56, 45, 99, 98, 99, 44, 51, 100, 101, 115, 45, 99, 98, 99, 44, 97, 101, 115, 50, 53, 54, 45, 99, 98, 99, 0, 0, 0, 18, 104, 109, 97, 99, 45, 115, 104, 97, 49, 44, 104, 109, 97, 99, 45, 109, 100, 53, 0, 0, 0, 18, 104, 109, 97, 99, 45, 115, 104, 97, 49, 44, 104, 109, 97, 99, 45, 109, 100, 53, 0, 0, 0, 4, 110, 111, 110, 101, 0, 0, 0, 4, 110, 111, 110, 101, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
[2022-08-16T12:36:01Z DEBUG russh::client::kex] extending []
[2022-08-16T12:36:01Z DEBUG russh::negotiation] kex 190
[2022-08-16T12:36:01Z DEBUG russh::negotiation] kex 212
[2022-08-16T12:36:01Z DEBUG russh::negotiation] kex 220
[2022-08-16T12:36:01Z DEBUG russh::negotiation] client_compression = None
[2022-08-16T12:36:01Z DEBUG russh::client::kex] algo = Names { kex: Name("diffie-hellman-group14-sha1"), key: Name("ssh-rsa"), cipher: Name("aes256-ctr"), client_mac: Name("hmac-sha1"), server_mac: Name("hmac-sha1"), server_compression: None, client_compression: None, ignore_guessed: false }
[2022-08-16T12:36:01Z DEBUG russh::client::kex] write = []
[2022-08-16T12:36:01Z DEBUG russh::client::kex] i0 = 686
[2022-08-16T12:36:01Z DEBUG russh::cipher] writing, seqn = 1
[2022-08-16T12:36:01Z DEBUG russh::cipher] padding length 6
[2022-08-16T12:36:01Z DEBUG russh::cipher] packet_length 44
[2022-08-16T12:36:01Z DEBUG russh::client::kex] moving to kexdhdone, exchange = Exchange { client_id: CryptoVec { p: 0x7fa1fe7086a0, size: 27, capacity: 32 }, server_id: CryptoVec { p: 0x7fa1fe708680, size: 24, capacity: 32 }, client_kex_init: CryptoVec { p: 0x7fa1ff813200, size: 686, capacity: 1024 }, server_kex_init: CryptoVec { p: 0x7fa1ff005320, size: 323, capacity: 512 }, client_ephemeral: CryptoVec { p: 0x7fa1ff204d40, size: 32, capacity: 32 }, server_ephemeral: CryptoVec { p: 0x1, size: 0, capacity: 0 } }
[2022-08-16T12:36:01Z DEBUG russh::client] writing to stream: 48 bytes
[2022-08-16T12:36:03Z DEBUG russh::cipher] reading, len = [0, 0, 3, 60]
[2022-08-16T12:36:03Z DEBUG russh::cipher] reading, seqn = 1
[2022-08-16T12:36:03Z DEBUG russh::cipher] reading, clear len = 828
[2022-08-16T12:36:03Z DEBUG russh::cipher] read_exact 832
[2022-08-16T12:36:03Z DEBUG russh::cipher] read_exact done
[2022-08-16T12:36:03Z DEBUG russh::cipher] reading, padding_length 8
[2022-08-16T12:36:03Z DEBUG russh::client] server_public_Key: RSA { key: OpenSSLPKey { (hidden) }, hash: SHA1 }
thread 'tokio-runtime-worker' panicked at 'source slice length (256) does not match destination slice length (32)', /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/russh-0.34.0-beta.9/src/kex/curve25519.rs:105:25
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
[2022-08-16T12:36:03Z DEBUG russh::client] drop session
Error: ClientFailed(Join(JoinError::Panic(Id(17), ...)))
Thanks. Could you please also post a full traceback with RUST_BACKTRACE=1? And is the server you're connecting to publicly accessible so that I could test against it?
Thanks. Could you please also post a full traceback with
RUST_BACKTRACE=1? And is the server you're connecting to publicly accessible so that I could test against it?
This may not be convenient for public access, but the ssh server information is Dropbear server v2014.63 (https://matt.ucc.asn.au/dropbear/dropbear.html)
https://mirror.dropbear.nl/mirror/releases/dropbear-2014.63.tar.bz2
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] read_ssh_id: reading
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] read 256
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] Err(Utf8Error { valid_up_to: 32, error_len: Some(1) })
[2022-08-16T12:41:32Z DEBUG russh::cipher] writing, seqn = 0
[2022-08-16T12:41:32Z DEBUG russh::cipher] padding length 5
[2022-08-16T12:41:32Z DEBUG russh::cipher] packet_length 692
[2022-08-16T12:41:32Z DEBUG russh::client] writing 696 bytes
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] id 256 26
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] read () bytes from id.buf
[2022-08-16T12:41:32Z DEBUG russh::cipher] reading, len = [0, 0, 1, 76]
[2022-08-16T12:41:32Z DEBUG russh::cipher] reading, seqn = 0
[2022-08-16T12:41:32Z DEBUG russh::cipher] reading, clear len = 332
[2022-08-16T12:41:32Z DEBUG russh::cipher] read_exact 336
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] id 256 30
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] read () bytes from id.buf
[2022-08-16T12:41:32Z DEBUG russh::ssh_read] id 256 256
[2022-08-16T12:41:32Z DEBUG russh::cipher] read_exact done
[2022-08-16T12:41:32Z DEBUG russh::cipher] reading, padding_length 8
[2022-08-16T12:41:32Z DEBUG russh::client::kex] client parse 323 [20, 159, 114, 64, 132, 121, 169, 34, 249, 35, 172, 232, 193, 2, 132, 0, 182, 0, 0, 0, 80, 100, 105, 102, 102, 105, 101, 45, 104, 101, 108, 108, 109, 97, 110, 45, 103, 114, 111, 117, 112, 49, 45, 115, 104, 97, 49, 44, 100, 105, 102, 102, 105, 101, 45, 104, 101, 108, 108, 109, 97, 110, 45, 103, 114, 111, 117, 112, 49, 52, 45, 115, 104, 97, 49, 44, 107, 101, 120, 103, 117, 101, 115, 115, 50, 64, 109, 97, 116, 116, 46, 117, 99, 99, 46, 97, 115, 110, 46, 97, 117, 0, 0, 0, 15, 115, 115, 104, 45, 114, 115, 97, 44, 115, 115, 104, 45, 100, 115, 115, 0, 0, 0, 61, 97, 101, 115, 49, 50, 56, 45, 99, 116, 114, 44, 51, 100, 101, 115, 45, 99, 116, 114, 44, 97, 101, 115, 50, 53, 54, 45, 99, 116, 114, 44, 97, 101, 115, 49, 50, 56, 45, 99, 98, 99, 44, 51, 100, 101, 115, 45, 99, 98, 99, 44, 97, 101, 115, 50, 53, 54, 45, 99, 98, 99, 0, 0, 0, 61, 97, 101, 115, 49, 50, 56, 45, 99, 116, 114, 44, 51, 100, 101, 115, 45, 99, 116, 114, 44, 97, 101, 115, 50, 53, 54, 45, 99, 116, 114, 44, 97, 101, 115, 49, 50, 56, 45, 99, 98, 99, 44, 51, 100, 101, 115, 45, 99, 98, 99, 44, 97, 101, 115, 50, 53, 54, 45, 99, 98, 99, 0, 0, 0, 18, 104, 109, 97, 99, 45, 115, 104, 97, 49, 44, 104, 109, 97, 99, 45, 109, 100, 53, 0, 0, 0, 18, 104, 109, 97, 99, 45, 115, 104, 97, 49, 44, 104, 109, 97, 99, 45, 109, 100, 53, 0, 0, 0, 4, 110, 111, 110, 101, 0, 0, 0, 4, 110, 111, 110, 101, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
[2022-08-16T12:41:32Z DEBUG russh::client::kex] extending []
[2022-08-16T12:41:32Z DEBUG russh::negotiation] kex 190
[2022-08-16T12:41:32Z DEBUG russh::negotiation] kex 212
[2022-08-16T12:41:32Z DEBUG russh::negotiation] kex 220
[2022-08-16T12:41:32Z DEBUG russh::negotiation] client_compression = None
[2022-08-16T12:41:32Z DEBUG russh::client::kex] algo = Names { kex: Name("diffie-hellman-group14-sha1"), key: Name("ssh-rsa"), cipher: Name("aes256-ctr"), client_mac: Name("hmac-sha1"), server_mac: Name("hmac-sha1"), server_compression: None, client_compression: None, ignore_guessed: false }
[2022-08-16T12:41:32Z DEBUG russh::client::kex] write = []
[2022-08-16T12:41:32Z DEBUG russh::client::kex] i0 = 686
[2022-08-16T12:41:32Z DEBUG russh::cipher] writing, seqn = 1
[2022-08-16T12:41:32Z DEBUG russh::cipher] padding length 6
[2022-08-16T12:41:32Z DEBUG russh::cipher] packet_length 44
[2022-08-16T12:41:32Z DEBUG russh::client::kex] moving to kexdhdone, exchange = Exchange { client_id: CryptoVec { p: 0x7fb0961058c0, size: 27, capacity: 32 }, server_id: CryptoVec { p: 0x7fb0961058a0, size: 24, capacity: 32 }, client_kex_init: CryptoVec { p: 0x7fb09681ce00, size: 686, capacity: 1024 }, server_kex_init: CryptoVec { p: 0x7fb0960056b0, size: 323, capacity: 512 }, client_ephemeral: CryptoVec { p: 0x7fb0965044f0, size: 32, capacity: 32 }, server_ephemeral: CryptoVec { p: 0x1, size: 0, capacity: 0 } }
[2022-08-16T12:41:32Z DEBUG russh::client] writing to stream: 48 bytes
[2022-08-16T12:41:34Z DEBUG russh::cipher] reading, len = [0, 0, 3, 60]
[2022-08-16T12:41:34Z DEBUG russh::cipher] reading, seqn = 1
[2022-08-16T12:41:34Z DEBUG russh::cipher] reading, clear len = 828
[2022-08-16T12:41:34Z DEBUG russh::cipher] read_exact 832
[2022-08-16T12:41:34Z DEBUG russh::cipher] read_exact done
[2022-08-16T12:41:34Z DEBUG russh::cipher] reading, padding_length 7
[2022-08-16T12:41:34Z DEBUG russh::client] server_public_Key: RSA { key: OpenSSLPKey { (hidden) }, hash: SHA1 }
thread 'tokio-runtime-worker' panicked at 'source slice length (257) does not match destination slice length (32)', /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/russh-0.34.0-beta.9/src/kex/curve25519.rs:105:25
stack backtrace:
0: rust_begin_unwind
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/panicking.rs:584:5
1: core::panicking::panic_fmt
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/panicking.rs:142:14
2: core::slice::<impl [T]>::copy_from_slice::len_mismatch_fail
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/slice/mod.rs:3221:13
3: core::slice::<impl [T]>::copy_from_slice
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/slice/mod.rs:3228:13
4: <[T] as core::slice::CloneFromSpec<T>>::spec_clone_from
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/slice/mod.rs:4129:9
5: core::slice::<impl [T]>::clone_from_slice
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/slice/mod.rs:3151:9
6: <russh::kex::curve25519::Curve25519Kex as russh::kex::KexAlgorithm>::compute_shared_secret
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/russh-0.34.0-beta.9/src/kex/curve25519.rs:105:9
7: russh::client::<impl russh::session::KexDhDone>::server_key_check::{{closure}}::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/russh-0.34.0-beta.9/src/client/mod.rs:1104:17
8: std::thread::local::LocalKey<T>::try_with
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/thread/local.rs:445:16
9: std::thread::local::LocalKey<T>::with
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/thread/local.rs:421:9
10: russh::client::<impl russh::session::KexDhDone>::server_key_check::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/russh-0.34.0-beta.9/src/client/mod.rs:1096:9
11: <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/future/mod.rs:91:19
12: russh::client::reply::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/russh-0.34.0-beta.9/src/client/mod.rs:1166:79
13: <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/future/mod.rs:91:19
14: russh::client::Session::run::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/russh-0.34.0-beta.9/src/client/mod.rs:904:90
15: <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/future/mod.rs:91:19
16: <core::pin::Pin<P> as core::future::future::Future>::poll
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/future/future.rs:124:9
17: tokio::runtime::task::core::CoreStage<T>::poll::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/core.rs:165:17
18: tokio::loom::std::unsafe_cell::UnsafeCell<T>::with_mut
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/loom/std/unsafe_cell.rs:14:9
19: tokio::runtime::task::core::CoreStage<T>::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/core.rs:155:13
20: tokio::runtime::task::harness::poll_future::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:470:19
21: <core::panic::unwind_safe::AssertUnwindSafe<F> as core::ops::function::FnOnce<()>>::call_once
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/panic/unwind_safe.rs:271:9
22: std::panicking::try::do_call
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/panicking.rs:492:40
23: ___rust_try
24: std::panicking::try
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/panicking.rs:456:19
25: std::panic::catch_unwind
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/panic.rs:137:14
26: tokio::runtime::task::harness::poll_future
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:458:18
27: tokio::runtime::task::harness::Harness<T,S>::poll_inner
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:104:27
28: tokio::runtime::task::harness::Harness<T,S>::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:57:15
29: tokio::runtime::task::raw::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/raw.rs:144:5
30: tokio::runtime::task::raw::RawTask::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/raw.rs:84:18
31: tokio::runtime::task::LocalNotified<S>::run
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/mod.rs:376:9
32: tokio::runtime::thread_pool::worker::Context::run_task::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/thread_pool/worker.rs:435:13
33: tokio::coop::with_budget::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/coop.rs:102:9
34: std::thread::local::LocalKey<T>::try_with
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/thread/local.rs:445:16
35: std::thread::local::LocalKey<T>::with
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/thread/local.rs:421:9
36: tokio::coop::with_budget
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/coop.rs:95:5
37: tokio::coop::budget
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/coop.rs:72:5
38: tokio::runtime::thread_pool::worker::Context::run_task
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/thread_pool/worker.rs:434:9
39: tokio::runtime::thread_pool::worker::Context::run
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/thread_pool/worker.rs:401:24
40: tokio::runtime::thread_pool::worker::run::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/thread_pool/worker.rs:386:17
41: tokio::macros::scoped_tls::ScopedKey<T>::set
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/macros/scoped_tls.rs:61:9
42: tokio::runtime::thread_pool::worker::run
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/thread_pool/worker.rs:383:5
43: tokio::runtime::thread_pool::worker::Launch::launch::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/thread_pool/worker.rs:362:45
44: <tokio::runtime::blocking::task::BlockingTask<T> as core::future::future::Future>::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/blocking/task.rs:42:21
45: tokio::runtime::task::core::CoreStage<T>::poll::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/core.rs:165:17
46: tokio::loom::std::unsafe_cell::UnsafeCell<T>::with_mut
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/loom/std/unsafe_cell.rs:14:9
47: tokio::runtime::task::core::CoreStage<T>::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/core.rs:155:13
48: tokio::runtime::task::harness::poll_future::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:470:19
49: <core::panic::unwind_safe::AssertUnwindSafe<F> as core::ops::function::FnOnce<()>>::call_once
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/core/src/panic/unwind_safe.rs:271:9
50: std::panicking::try::do_call
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/panicking.rs:492:40
51: ___rust_try
52: std::panicking::try
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/panicking.rs:456:19
53: std::panic::catch_unwind
at /rustc/e092d0b6b43f2de967af0887873151bb1c0b18d3/library/std/src/panic.rs:137:14
54: tokio::runtime::task::harness::poll_future
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:458:18
55: tokio::runtime::task::harness::Harness<T,S>::poll_inner
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:104:27
56: tokio::runtime::task::harness::Harness<T,S>::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/harness.rs:57:15
57: tokio::runtime::task::raw::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/raw.rs:144:5
58: tokio::runtime::task::raw::RawTask::poll
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/raw.rs:84:18
59: tokio::runtime::task::UnownedTask<S>::run
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/task/mod.rs:413:9
60: tokio::runtime::blocking::pool::Task::run
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/blocking/pool.rs:91:9
61: tokio::runtime::blocking::pool::Inner::run
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/blocking/pool.rs:325:17
62: tokio::runtime::blocking::pool::Spawner::spawn_thread::{{closure}}
at /Users/mika/.cargo/registry/src/rsproxy.cn-8f6827c7555bfaf8/tokio-1.19.2/src/runtime/blocking/pool.rs:300:13
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
[2022-08-16T12:41:34Z DEBUG russh::client] drop session
Error: ClientFailed(Join(JoinError::Panic(Id(17), ...)))
Are you using any specific dropbear configuration? I couldn't reproduce it with ./dropbear -F -E -R -B -p 2222 and current master branch
Are you using any specific dropbear configuration? I couldn't reproduce it with
./dropbear -F -E -R -B -p 2222and current master branch
no special configuration
# ps | grep drop
927 root 1244 S /usr/sbin/dropbear -F -P /var/run/dropbear.1.pid -p 22 -K 300
# cat /etc/config/dropbear
config dropbear
option PasswordAuth 'on'
option RootPasswordAuth 'on'
option Port '22'
I got a different problem after trying to modify it like this
(commit d441b65ce06b7611c912f6e23effeabc393696f5 (HEAD -> master, origin/master, origin/HEAD))
--- a/russh/src/negotiation.rs
+++ b/russh/src/negotiation.rs
@@ -80,7 +80,12 @@ impl Preferred {
#[cfg(feature = "openssl")]
pub const DEFAULT: Preferred = Preferred {
kex: KEX_ORDER,
- key: &[key::ED25519, key::RSA_SHA2_256, key::RSA_SHA2_512],
+ key: &[
+ key::ED25519,
+ key::RSA_SHA2_256,
+ key::RSA_SHA2_512,
+ key::SSH_RSA,
+ ],
[2022-09-08T08:38:20Z DEBUG russh::ssh_read] read_ssh_id: reading
[2022-09-08T08:38:20Z DEBUG russh::ssh_read] read 256
[2022-09-08T08:38:20Z DEBUG russh::ssh_read] Err(Utf8Error { valid_up_to: 36, error_len: Some(1) })
[2022-09-08T08:38:20Z DEBUG russh::cipher] writing, seqn = 0
[2022-09-08T08:38:20Z DEBUG russh::cipher] padding length 9
[2022-09-08T08:38:20Z DEBUG russh::cipher] packet_length 708
[2022-09-08T08:38:20Z DEBUG russh::client] writing 712 bytes
[2022-09-08T08:38:20Z DEBUG russh::ssh_read] id 256 26
[2022-09-08T08:38:20Z DEBUG russh::cipher] reading, len = [0, 0, 1, 76]
[2022-09-08T08:38:20Z DEBUG russh::cipher] reading, seqn = 0
[2022-09-08T08:38:20Z DEBUG russh::cipher] reading, clear len = 332
[2022-09-08T08:38:20Z DEBUG russh::cipher] read_exact 336
[2022-09-08T08:38:20Z DEBUG russh::ssh_read] id 256 30
[2022-09-08T08:38:20Z DEBUG russh::ssh_read] id 256 256
[2022-09-08T08:38:20Z DEBUG russh::cipher] read_exact done
[2022-09-08T08:38:20Z DEBUG russh::cipher] reading, padding_length 8
[2022-09-08T08:38:20Z DEBUG russh::client::kex] extending []
[2022-09-08T08:38:20Z DEBUG russh::negotiation] kex 197
[2022-09-08T08:38:20Z DEBUG russh::negotiation] kex 219
[2022-09-08T08:38:20Z DEBUG russh::negotiation] kex 227
[2022-09-08T08:38:20Z DEBUG russh::negotiation] client_compression = None
[2022-09-08T08:38:20Z DEBUG russh::client::kex] algo = Names { kex: Name("diffie-hellman-group14-sha1"), key: Name("ssh-rsa"), cipher: Name("aes256-ctr"), client_mac: Name("hmac-sha1"), server_mac: Name("hmac-sha1"), server_compression: None, client_compression: None, ignore_guessed: false }
[2022-09-08T08:38:20Z DEBUG russh::client::kex] write = []
[2022-09-08T08:38:20Z DEBUG russh::client::kex] i0 = 698
[2022-09-08T08:38:20Z DEBUG russh::cipher] writing, seqn = 1
[2022-09-08T08:38:20Z DEBUG russh::cipher] padding length 6
[2022-09-08T08:38:20Z DEBUG russh::cipher] packet_length 44
[2022-09-08T08:38:20Z DEBUG russh::client::kex] moving to kexdhdone, exchange = Exchange { client_id: CryptoVec { p: 0x7fb8f5b04530, size: 28, capacity: 32 }, server_id: CryptoVec { p: 0x7fb8f5b04510, size: 24, capacity: 32 }, client_kex_init: CryptoVec { p: 0x7fb8f7008200, size: 698, capacity: 1024 }, server_kex_init: CryptoVec { p: 0x7fb8f5d042c0, size: 323, capacity: 512 }, client_ephemeral: CryptoVec { p: 0x7fb8f5e04080, size: 32, capacity: 32 }, server_ephemeral: CryptoVec { p: 0x1, size: 0, capacity: 0 } }
[2022-09-08T08:38:20Z DEBUG russh::client] drop session
Error: ClientFailed(IO(Custom { kind: UnexpectedEof, error: "early eof" }))
Is there anything I can do to help with further testing?
I also have such issue when I connect to a host like this:
$ nmap --script ssh2-enum-algos -sV -p 9922 192.168.0.32
PORT STATE SERVICE VERSION
9922/tcp open ssh OpenSSH 6.1 (protocol 2.0)
| ssh2-enum-algos:
| kex_algorithms: (7)
| ecdh-sha2-nistp256
| ecdh-sha2-nistp384
| ecdh-sha2-nistp521
| diffie-hellman-group-exchange-sha256
| diffie-hellman-group-exchange-sha1
| diffie-hellman-group14-sha1
| diffie-hellman-group1-sha1
| server_host_key_algorithms: (1)
| ssh-rsa
| encryption_algorithms: (13)
| aes128-ctr
| aes192-ctr
| aes256-ctr
| arcfour256
| arcfour128
| aes128-cbc
| 3des-cbc
| blowfish-cbc
| cast128-cbc
| aes192-cbc
| aes256-cbc
| arcfour
| [email protected]
| mac_algorithms: (9)
| hmac-md5
| hmac-sha1
| [email protected]
| hmac-sha2-256
| hmac-sha2-512
| hmac
- I added
key::SSH_RSAinpreferred, and the key exchange produced the same error in this issue (which can be confirmed fixed in v0.34.0-beta.9 🎉 ) - I then moved
kex::DH_G14_SHA1to the first place, the key exchange succeeded, but I got failed authentication.
Not sure if this is a host or client issue, and I'll be sharing more info if I could.
I noticed write_auth_request: "rsa-sha2-256" in the log, while it was supposed to be disabled.
[2023-01-25T14:32:03Z DEBUG russh::client::encrypted] sending ssh-userauth service requset
[2023-01-25T14:32:03Z DEBUG russh::cipher] writing, seqn = 3
[2023-01-25T14:32:03Z DEBUG russh::cipher] padding length 10
[2023-01-25T14:32:03Z DEBUG russh::cipher] packet_length 28
[2023-01-25T14:32:03Z DEBUG russh::client::encrypted] write_auth_request_if_needed: is_waiting = false
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, len = [155, 168, 144, 193]
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, seqn = 3
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, clear len = 92
[2023-01-25T14:32:03Z DEBUG russh::cipher] read_exact 96
[2023-01-25T14:32:03Z DEBUG russh::cipher] read_exact done
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, padding_length 0
[2023-01-25T14:32:03Z DEBUG russh::client::encrypted] waiting service request, Some(6) 6
[2023-01-25T14:32:03Z DEBUG russh::client::encrypted] write_auth_request: "rsa-sha2-256"
[2023-01-25T14:32:03Z DEBUG russh::client::encrypted] enc: [0, 0, 1, 88, 50, 0, 0, 0, 8, 112, 114, 105, 115, 111, 110, 101, 114, 0, 0, 0, 14, 115, 115, 104, 45, 99, 111, 110, 110, 101, 99, 116, 105, 111, 110, 0, 0, 0, 9, 112, 117, 98, 108, 105, 99, 107, 101, 121, 0, 0, 0, 0, 12, 114, 115, 97, 45, 115, 104, 97, 50, 45, 50, 53, 54, 0, 0, 1, 23, 0, 0, 0, 7, 115, 115, 104, 45, 114, 115, 97, 0, 0, 0, 3, 1, 0, 1, 0, 0, 1, 1, 0, 197, 161, 173, 52, 93, 158, 226, 4, 249, 99, 209, 172, 131, 132, 136, 150, 19, 162, 245, 14, 76, 142, 53, 197, 241, 12, 84, 36, 23, 190, 223, 33, 18, 101, 8, 4, 126, 93, 108, 251, 67, 194, 19, 21, 199, 2, 209, 14, 253, 229, 105, 198, 111, 175, 113, 40, 242, 248, 106, 153, 9, 154, 53, 105, 69, 59, 110, 197, 6, 70, 30, 149, 59, 167, 2, 218, 128, 17, 104, 125, 251, 93, 251, 12, 160, 121, 13, 58, 64, 224, 172, 219, 60, 221, 105, 211, 5, 4, 86, 174, 107, 91, 200, 123, 253, 18, 119, 119, 92, 230, 60, 189, 56, 249, 5, 155, 26, 216, 158, 125, 104, 185, 234, 16, 126, 65, 89, 23, 74, 185, 79, 109, 242, 51, 149, 111, 12, 210, 123, 175, 219, 238, 29, 248, 64, 133, 242, 155, 18, 106, 62, 235, 249, 218, 22, 239, 51, 139, 200, 247, 60, 195, 91, 85, 253, 183, 178, 237, 74, 66, 246, 217, 222, 32, 139, 94, 70, 194, 39, 145, 25, 84, 6, 113, 65, 245, 150, 73, 69, 204, 109, 44, 89, 203, 252, 166, 113, 184, 64, 155, 7, 146, 8, 210, 248, 56, 244, 153, 30, 137, 66, 222, 247, 46, 57, 50, 162, 199, 131, 98, 253, 38, 204, 168, 238, 72, 195, 103, 18, 81, 115, 37, 16, 187, 222, 110, 115, 238, 27, 83, 72, 198, 134, 4, 214, 157, 65, 138, 12, 121, 61, 239, 98, 71, 195, 121]
[2023-01-25T14:32:03Z DEBUG russh::cipher] writing, seqn = 4
[2023-01-25T14:32:03Z DEBUG russh::cipher] padding length 19
[2023-01-25T14:32:03Z DEBUG russh::cipher] packet_length 364
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, len = [254, 101, 127, 34]
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, seqn = 4
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, clear len = 108
[2023-01-25T14:32:03Z DEBUG russh::cipher] read_exact 112
[2023-01-25T14:32:03Z DEBUG russh::cipher] read_exact done
[2023-01-25T14:32:03Z DEBUG russh::cipher] reading, padding_length 0
[2023-01-25T14:32:03Z DEBUG russh::client::encrypted] userauth_failure
[2023-01-25T14:32:03Z DEBUG russh::client::encrypted] remaining methods Ok("publickey,keyboard-interactive")
[2023-01-25T14:32:03Z DEBUG russh::client] drop handle
[2023-01-25T14:32:03Z DEBUG russh::client] disconnected
[2023-01-25T14:32:03Z DEBUG russh::client] drop session
After some more digging, I found this line might be the cause to failed authentication:
https://github.com/warp-tech/russh/blob/8e5043f687c3ed9354aa30734a507a9557fe569d/russh-keys/src/format/mod.rs#L136
If I change the hash algorithm to the only supported SHA1 like below, the connection can be made successfully.
#[cfg(feature = "openssl")]
fn decode_rsa(secret: &[u8]) -> Result<key::KeyPair, Error> {
Ok(key::KeyPair::RSA {
key: Rsa::private_key_from_der(secret)?,
hash: key::SignatureHash::SHA1,
})
}
I think the hash field for RSA is not really necessary here, as it can pick any algorithm to produce needed one.