[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16947057#comment-16947057 ] Yuefeng commented on SSHD-941: -- in our work-around, SecurityUtils#setMaxDHGroupExchangeKeySize is called in static block, so it is initialized before client starts. It didn't work without "SEND_IMMEDIATE_IDENTIFICATION" work-around. > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: fd 3 setting O_NONBLOCK > debug1: Authenticating to 10.10.20.25:22 as 'admin' > debug3: hostk
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16945308#comment-16945308 ] Lyor Goldstein commented on SSHD-941: - {{SecurityUtils.setMaxDHGroupExchangeKeySize}} is part of the release since a very early stage. As far as the immediate identification sending feature - it depends when we accumulate enough changes in version 2.3.0 to warrant a new release. My guess is not before 2020... > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: fd 3 set
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16944818#comment-16944818 ] Yuefeng commented on SSHD-941: -- combining the two work-arounds worked - PropertyResolverUtils.updateProperty(client, ClientFactoryManager.SEND_IMMEDIATE_IDENTIFICATION, false); SecurityUtils.setMaxDHGroupExchangeKeySize(4096) When will both fixes make it into release? and which release version will that be? > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: fd 3 settin
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16940246#comment-16940246 ] Lyor Goldstein commented on SSHD-941: - {code} mina ssh needs to receive "server version string: ..." before sending SSH_MSG_USERAUTH_REQUEST in order to connect with Cisco device {code} Indeed, and for this there is a +special setting+ that needs to be activated in the _main_ code (see SSHD-930): {code:java} SshClient client = ...setup client... PropertyResolverUtils.updateProperty(client, ClientFactoryManager.SEND_IMMEDIATE_IDENTIFICATION, false); client.start(); {code} This will delay the client's KEX-INIT until the server's identification is received (and reported) - thus enabling the code to prepare the session correctly. This also explains why {quote}onnection with IOS only has 50/50 chance of succeeding.{quote} it depends on whether the server's identification has been received or not before the KEX setting has been changed. *Note:* the delay feature is not yet part of the released version > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > de
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16940243#comment-16940243 ] Lyor Goldstein commented on SSHD-941: - {quote} With dhg keysize workaround, connection with IOS only has 50/50 chance of succeeding. {quote} I find that very strange - please make sure that you initialize the value +before+ starting the client - as part of your _main_ code. For that matter, I recommend calling +explicitly+ {{SecurityUtils#setMaxDHGroupExchangeKeySize}} in the code and not rely on the system property. > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, re
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16939661#comment-16939661 ] Yuefeng commented on SSHD-941: -- from logs I posted couple comments up, if SSH_MSG_USERAUTH_REQUEST message is sent after receiving "Server version string: ...", key exchange proceeds, ssh connection succeeds if SSH_MSG_USERAUTH_REQUEST is sent before receiving "Server version string: ...", ssh connection attempts hang my hypothesis is that, mina ssh needs to receive "server version string: ..." before sending SSH_MSG_USERAUTH_REQUEST in order to connect with Cisco device > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16939620#comment-16939620 ] Lyor Goldstein commented on SSHD-941: - What do you mean by {quote} additional fix on when to send "SSH_MSG_USERAUTH_REQUEST" is also needed to have successful connection. {quote} > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: fd 3 setting O_NONBLOCK > debug1: Authenticating to 10.10.20.25:22 as 'admin' > debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16938966#comment-16938966 ] Yuefeng commented on SSHD-941: -- I tried "org.apache.sshd.maxDHGexKeySize=XX" workarounds, and the best I can get is 50/50 chance of connecting with "org.apache.sshd.maxDHGexKeySize=2048". here's the log for failed connection: {code:java} 2019-09-26 20:34:15.006Z [sshd-SshClient[21c31bdd]-nio2-thread-21] DEBUG o.a.s.c.session.ClientSessionImpl:68 - Client session created: Nio2Session[local=/10.10.20.1:52646, remote=/10.10.20.25:22] 2019-09-26 20:34:15.006Z [sshd-SshClient[21c31bdd]-nio2-thread-21] DEBUG o.a.s.c.s.ClientUserAuthService:101 - ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client methods: [publickey, keyboard-interactive, password] 2019-09-26 20:34:15.008Z [sshd-SshClient[21c31bdd]-nio2-thread-21] DEBUG o.a.s.c.session.ClientSessionImpl:1569 - sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): SSH-2.0-SSHD-CORE-2.0.0 2019-09-26 20:34:15.009Z [sshd-SshClient[21c31bdd]-nio2-thread-21] DEBUG o.a.s.c.session.ClientSessionImpl:1716 - sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT 2019-09-26 20:34:15.011Z [pool-5-thread-1] DEBUG o.a.s.c.session.ClientSessionImpl:164 - addPasswordIdentity(ClientSessionImpl[admin@/10.10.20.25:22]) SHA256:ncCOQDOCfJP0jKvC9h4/mBe1Gn8bz6UTp1N9y8XRYuc 2019-09-26 20:34:15.011Z [pool-5-thread-1] DEBUG o.a.s.c.s.ClientUserAuthService:150 - auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send SSH_MSG_USERAUTH_REQUEST for 'none' 2019-09-26 20:34:15.011Z [pool-5-thread-1] DEBUG o.a.s.c.session.ClientSessionImpl:1110 - writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] Start flagging packets as pending until key exchange is done 2019-09-26 20:34:15.019Z [sshd-SshClient[21c31bdd]-nio2-thread-22] DEBUG o.a.s.c.session.ClientSessionImpl:1653 - doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) line='SSH-2.0-Cisco-1.25' 2019-09-26 20:34:15.020Z [sshd-SshClient[21c31bdd]-nio2-thread-22] DEBUG o.a.s.c.session.ClientSessionImpl:375 - readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version string: SSH-2.0-Cisco-1.25 2019-09-26 20:35:15.012Z [pool-5-thread-1] DEBUG o.a.s.c.session.ClientSessionImpl:95 - close(ClientSessionImpl[admin@/10.10.20.25:22]) Closing gracefully 2019-09-26 20:35:15.013Z [pool-5-thread-1] DEBUG o.a.s.c.session.ClientSessionImpl:146 - signalAuthFailure(ClientSessionImpl[admin@/10.10.20.25:22]) type=SshException, signalled=true, message="Session is being closed" 2019-09-26 20:35:15.013Z [pool-5-thread-1] DEBUG o.a.s.c.s.ClientUserAuthService:95 - close(org.apache.sshd.client.session.ClientUserAuthService@166171bb) Closing gracefully 2019-09-26 20:35:15.013Z [pool-5-thread-1] DEBUG o.a.s.c.s.ClientUserAuthService:112 - close(org.apache.sshd.client.session.ClientUserAuthService@166171bb)[Graceful] closed 2019-09-26 20:35:15.013Z [pool-5-thread-1] DEBUG o.a.s.c.s.ClientConnectionService:95 - close(ClientConnectionService[ClientSessionImpl[admin@/10.10.20.25:22]]) Closing gracefully 2019-09-26 20:35:15.014Z [pool-5-thread-1] DEBUG o.a.s.c.s.ClientConnectionService:104 - close(ClientConnectionService[ClientSessionImpl[admin@/10.10.20.25:22]]][Graceful] - operationComplete() closed 2019-09-26 20:35:15.022Z [pool-5-thread-1] DEBUG o.a.s.c.session.ClientSessionImpl:80 - close(ClientSessionImpl[admin@/10.10.20.25:22]) Closing immediately 2019-09-26 20:35:15.023Z [pool-5-thread-1] DEBUG o.a.s.c.session.ClientSessionImpl:146 - signalAuthFailure(ClientSessionImpl[admin@/10.10.20.25:22]) type=SshException, signalled=false, message="Session is being closed" 2019-09-26 20:35:15.023Z [pool-5-thread-1] DEBUG o.a.s.c.s.ClientUserAuthService:89 - close(org.apache.sshd.client.session.ClientUserAuthService@166171bb)[Immediately] state already Closed 2019-09-26 20:35:15.024Z [pool-5-thread-1] DEBUG o.a.s.c.s.ClientConnectionService:89 - close(ClientConnectionService[ClientSessionImpl[admin@/10.10.20.25:22]])[Immediately] state already Closed 2019-09-26 20:35:15.024Z [pool-5-thread-1] DEBUG o.a.s.c.session.ClientSessionImpl:85 - close(ClientSessionImpl[admin@/10.10.20.25:22])[Immediately] closed {code} log for successful connection: {code:java} 2019-09-26 20:35:16.040Z [sshd-SshClient[21c31bdd]-nio2-thread-24] DEBUG o.a.s.c.session.ClientSessionImpl:68 - Client session created: Nio2Session[local=/10.10.20.1:54016, remote=/10.10.20.25:22] 2019-09-26 20:35:16.040Z [sshd-SshClient[21c31bdd]-nio2-thread-24] DEBUG o.a.s.c.s.ClientUserAuthService:101 - ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client methods: [publickey, keyboard-interactive, password] 2019-09-26 20:35:16.041Z [sshd-SshClient[21c31bdd]-nio2-thread-24] DEBUG o.a.s.c.session.ClientSessionImpl:1569 - sendIdentif
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16938678#comment-16938678 ] Lyor Goldstein commented on SSHD-941: - Don't really know - depends on how many other fixes and/or new features we accumulate. In any case, it might not contain a specific fix for this issue. What you did though should work on current release as well as the next one. Perhaps we will add a more elegant way to do this (see SSHD-944 and the code I committed for this issue) - only time will tell. > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Lyor Goldstein >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisc
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16938076#comment-16938076 ] Sivasankar Radhakrishnan commented on SSHD-941: --- Thanks for fixing this! When is the next release expected with this fix? > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Assignee: Goldstein Lyor >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: fd 3 setting O_NONBLOCK > debug1: Authenticating to 10.10.20.25:22 as 'admin' > debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts" > debug3: record_hostkey: found key type RSA i
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16935361#comment-16935361 ] Goldstein Lyor commented on SSHD-941: - Thanks a lot [~wolft] for the valuable information. Assuming this is what is causing this problem there are 2 possible workarounds: 1. define system property {{org.apache.sshd.maxDHGexKeySize=4096}} (or whatever lower value is needed) 2. drop {{dhgex}} and {{dhgex256}} key exachange factories from the client setup > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: f
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16935309#comment-16935309 ] Thomas Wolf commented on SSHD-941: -- {quote}what does {{SSH_BUG_DHGEX_LARGE}} control ?{quote} See commit [b282fec1aa05246ed3482270eb70fc3ec5f39a00|https://github.com/openssh/openssh-portable/commit/b282fec1aa05246ed3482270eb70fc3ec5f39a00] in OpenSSH-portable. > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: fd 3 setting O_NONBLOCK > debug1: Authenticating to 10.10.20.25:22 as 'admin' > debug3: hostkeys_fo
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16935293#comment-16935293 ] Goldstein Lyor commented on SSHD-941: - Thx - will look into it, but specifically for {{SSH_BUG_HOSTKEYS}} MINA SSHD knows how to handle the {{hostkeys}} messages (see {{OpenSshHostKeysHandler}}) - unless your code disabled it or some other message is sent. In this context, what does {{SSH_BUG_DHGEX_LARGE}} control ? > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 > debug1: Remote protocol version 2.0, remote software version Cisco-1.25 > debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 > debug2: fd 3 setting O_NONBLOCK > debug1: Authe
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16934640#comment-16934640 ] Yuefeng commented on SSHD-941: -- openssh compat.c has a lot of flags for the sake of compatibility with different hosts. Cisco is there - {code:java} { "Cisco-1.*", SSH_BUG_DHGEX_LARGE| SSH_BUG_HOSTKEYS },{code} in sshd.c, I see the following with regard to SSH_BUG_HOSTKEYS - {code:java} static void notify_hostkeys(struct ssh *ssh) { ... /* Some clients cannot cope with the hostkeys message, skip those. */ if (ssh->compat & SSH_BUG_HOSTKEYS) return; {code} > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16934124#comment-16934124 ] Goldstein Lyor commented on SSHD-941: - While I cannot find anything unusual, it does seems that {{OpenSSH}} might have some specialized code to deal with this specific server (perhaps some unorthodox behavior} {noformat} debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 debug1: Remote protocol version 2.0, remote software version Cisco-1.25 debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x6000 {noformat} Have you tried to research that ? > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519 type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ed25519-cert type -1 > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_7.2
[jira] [Commented] (SSHD-941) mina ssh client times out connecting with IOS 15.2
[ https://issues.apache.org/jira/browse/SSHD-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16932574#comment-16932574 ] Goldstein Lyor commented on SSHD-941: - The only explanation that comes to mind in view of the log is some slightly unorthodox behavior where the server does not wait for the KEX to complete and starts sending some "pre-emptive" packets: {noformat} 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG o.a.s.c.session.ClientSessionImpl:1110 - writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] Start flagging packets as pending until key exchange is done {noformat} This is something we have not encountered (at least I have not) and while the code should handle this correctly, I am not so sure it does cover all such possible flows. It may be the case that the server sent some "pre-emptive" packet and wait for a response while the client is still waiting for the KEX phase to end. I'll look at the successful log you added and see if I can figure out what the server is sending. > mina ssh client times out connecting with IOS 15.2 > -- > > Key: SSHD-941 > URL: https://issues.apache.org/jira/browse/SSHD-941 > Project: MINA SSHD > Issue Type: Bug >Affects Versions: 2.0.0 >Reporter: Yuefeng >Priority: Major > > Other device is Cisco IOS 15.2 - > IOS-15#show version > Cisco IOS Software, Linux Software (I86BI_LINUXL2-ADVENTERPRISEK9-M), Version > 15.2(CML_NIGHTLY_20180510)FLO_DSGS7, EARLY DEPLOYMENT DEVELOPMENT BUILD, > synced to V152_6_0_81_E > > apache.sshd always times out connecting to this device - > > {code:java} > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:68 - Client session created: > Nio2Session[local=/10.10.20.1:41950, remote=/10.10.20.25:22] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.s.ClientUserAuthService:101 - > ClientUserAuthService(ClientSessionImpl[null@/10.10.20.25:22]) client > methods: [publickey, keyboard-interactive, password] > 2019-09-12 20:42:30.559Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1569 - > sendIdentification(ClientSessionImpl[null@/10.10.20.25:22]): > SSH-2.0-SSHD-CORE-2.0.0 > 2019-09-12 20:42:30.560Z [sshd-SshClient[4ae0d26a]-nio2-thread-15] DEBUG > o.a.s.c.session.ClientSessionImpl:1716 - > sendKexInit(ClientSessionImpl[null@/10.10.20.25:22]) Send SSH_MSG_KEXINIT > 2019-09-12 20:42:30.560Z [collector-55326-2] DEBUG > o.a.s.c.s.ClientUserAuthService:150 - > auth(ClientSessionImpl[admin@/10.10.20.25:22])[ssh-connection] send > SSH_MSG_USERAUTH_REQUEST for 'none' > 2019-09-12 20:42:30.564Z [collector-55326-2] DEBUG > o.a.s.c.session.ClientSessionImpl:1110 - > writePacket(ClientSessionImpl[admin@/10.10.20.25:22])[SSH_MSG_USERAUTH_REQUEST] > Start flagging packets as pending until key exchange is done > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:1653 - > doReadIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) > line='SSH-2.0-Cisco-1.25' > 2019-09-12 20:42:30.612Z [sshd-SshClient[4ae0d26a]-nio2-thread-9] DEBUG > o.a.s.c.session.ClientSessionImpl:375 - > readIdentification(ClientSessionImpl[admin@/10.10.20.25:22]) Server version > string: SSH-2.0-Cisco-1.25 > 2019-09-12 20:42:50.565Z [collector-55326-2] WARN > c.forwardnetworks.client.web.a.b.e:181 - SSH auth failed: > DefaultAuthFuture[ssh-connection]: Failed to get operation result within > specified timeout: 2 > org.apache.sshd.common.SshException: DefaultAuthFuture[ssh-connection]: > Failed to get operation result within specified timeout: 2 > {code} > > ssh on linux has no problem connecting - > {code:java} > root@eve-ng:/opt/fwd/logs# ssh - admin@10.10.20.25 > OpenSSH_7.2p2 Ubuntu-4ubuntu2.8, OpenSSL 1.0.2g 1 Mar 2016 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: /etc/ssh/ssh_config line 19: Applying options for * > debug2: resolving "10.10.20.25" port 22 > debug2: ssh_connect_direct: needpriv 0 > debug1: Connecting to 10.10.20.25 [10.10.20.25] port 22. > debug1: Connection established. > debug1: permanently_set_uid: 0/0 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_rsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_dsa-cert type -1 > debug1: key_load_public: No such file or directory > debug1: identity file /root/.ssh/id_ecdsa type -1 > debug1: key_load_public: No such fi