Uploaded image for project: 'MINA SSHD'
  1. MINA SSHD
  2. SSHD-330

Handshake fails (wrong shared secret) 1 out of 256 times

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.11.0
    • Fix Version/s: 0.12.0
    • Labels:
      None

      Description

      The shared secret returned by KeyAgreement.generateSecret() is a byte array, which can (by chance, roughly 1 out of 256 times) begin with zero byte. In SSH, the shared secret is an integer, so we need to strip the leading zero(es).

      Some JCE providers might strip leading zeroes, though. SunJCE used to do this in Java 6, I think, but not anymore in Java 7 – and there was an almost identical bug (handshake fails 1 out of 256 times) in Java's SSL/TLS implementation in early Java 7 versions (see http://bugs.java.com/view_bug.do?bug_id=8014618).

      Pull request here:
      https://github.com/apache/mina-sshd/pull/5

      How to reproduce with OpenSSH client (assuming Mina SSH server running in port 9922):

      for x in

      {1..500}; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=diffie-hellman-group-exchange-sha1 someuser@localhost; done

      for x in {1..500}

      ; do sshpass -p wrong ssh -p9922 -oKexAlgorithms=ecdh-sha2-nistp256 someuser@localhost; done

        Issue Links

          Activity

          Hide
          githubbot ASF GitHub Bot added a comment -

          GitHub user pasieronen opened a pull request:

          https://github.com/apache/mina-sshd/pull/5

          SSHD-330 Strip leading zero(es) from the shared secret

          You can merge this pull request into a Git repository by running:

          $ git pull https://github.com/pasieronen/mina-sshd SSHD-330-shared-secret-zeroes

          Alternatively you can review and apply these changes as the patch at:

          https://github.com/apache/mina-sshd/pull/5.patch

          To close this pull request, make a commit to your master/trunk branch
          with (at least) the following in the commit message:

          This closes #5


          commit e7ebbc6bf1e13ac0da00b75b12814cc7827eb18d
          Author: Pasi Eronen <pe@iki.fi>
          Date: 2014-06-12T09:27:33Z

          Strip leading zero(es) from the shared secret


          Show
          githubbot ASF GitHub Bot added a comment - GitHub user pasieronen opened a pull request: https://github.com/apache/mina-sshd/pull/5 SSHD-330 Strip leading zero(es) from the shared secret You can merge this pull request into a Git repository by running: $ git pull https://github.com/pasieronen/mina-sshd SSHD-330 -shared-secret-zeroes Alternatively you can review and apply these changes as the patch at: https://github.com/apache/mina-sshd/pull/5.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #5 commit e7ebbc6bf1e13ac0da00b75b12814cc7827eb18d Author: Pasi Eronen <pe@iki.fi> Date: 2014-06-12T09:27:33Z Strip leading zero(es) from the shared secret
          Show
          gnt Guillaume Nodet added a comment - https://git-wip-us.apache.org/repos/asf?p=mina-sshd.git;a=commit;h=2aed686bdb21681a421033c6ee5997e5cd8a9a83
          Hide
          gnt Guillaume Nodet added a comment -

          Thx for the patch !

          Show
          gnt Guillaume Nodet added a comment - Thx for the patch !
          Hide
          charleso Charles O'Farrell added a comment -

          We just hit this in Stash - just going to post the keywords "key_verify failed for server_host_key" just in case some other poor sucker hits this and can't find it on Google.

          Just out of curiosity are there any plans for releasing 2.12.0 and/or backporting to 2.11 or older?

          Cheers!

          Show
          charleso Charles O'Farrell added a comment - We just hit this in Stash - just going to post the keywords "key_verify failed for server_host_key" just in case some other poor sucker hits this and can't find it on Google. Just out of curiosity are there any plans for releasing 2.12.0 and/or backporting to 2.11 or older? Cheers!
          Hide
          githubbot ASF GitHub Bot added a comment -

          Github user pasieronen closed the pull request at:

          https://github.com/apache/mina-sshd/pull/5

          Show
          githubbot ASF GitHub Bot added a comment - Github user pasieronen closed the pull request at: https://github.com/apache/mina-sshd/pull/5
          Hide
          lgoldstein Goldstein Lyor added a comment -

          Improved AbstractDH#stripLeadingZeros to clone the array only if 1st byte is non-zero

          Show
          lgoldstein Goldstein Lyor added a comment - Improved AbstractDH#stripLeadingZeros to clone the array only if 1st byte is non-zero

            People

            • Assignee:
              gnt Guillaume Nodet
              Reporter:
              peronen Pasi Eronen
            • Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development