[02] SSH Client Technical Support


For technical or licensing inquiries about Bitvise SSH Client, please open a new support case.

please decipher...log attached

20:57:31.855 Bitvise Tunnelier, a fully featured SSH2 client.
Copyright © 2000-2005 by Bitvise Limited.
Portions Copyright © 1995-2003 by Wei Dai.
20:57:31.855 Visit www.bitvise.com for latest information about our SSH2 products.
20:57:31.855 Run 'Tunnelier -help' to learn the supported command-line parameters.
20:57:32.135 Loading last used profile 'F:\FireFox\MyProfile.tlp'.
20:57:32.155 Last used profile loaded successfully.
20:57:40.758 Starting a new SSH2 session.
20:57:40.848 Connecting to SSH2 server xxxxxx.homeip.net:22.
20:57:41.038 Connected.
20:57:41.158 Starting first key exchange.
20:57:41.228 Server version string: SSH-2.0-dropbear_0.46
20:57:42.119 New host key received. Algorithm: ssh-rsa, Size: 1040 bits, MD5 Fingerprint: 2f:dc:2d:bd:c1:ef:47:48:43:29:49:fd:eb:7c:48:69, Bubble-Babble: xubag-sakob-fimic-fuset-kygik-kezym-vanod-pebar-tynok-duhag-fyxyx.
20:57:44.964 First key exchange completed.
20:57:45.034 Key exchange: diffie-hellman-group1-sha1. Session encryption: twofish-cbc, MAC: hmac-sha1, compression: none.
20:57:45.144 Server disconnected without sending a disconnect message. 

BTW, using putty works

TIA
surfano63 Send private email
Thursday, October 13, 2005
 
 
anyone???
surfano63 Send private email
Thursday, October 13, 2005
 
 
I'm not familiar with dropbear, but the server logs should tell you what's bothering it, especially if it can be turned into a debug or verbose mode which produces diagnostic output.

It's possible there's an incompatibility between our products and theirs, in which case either Tunnelier or dropbear will need to be fixed. Given that dropbear is new and Tunnelier has been around for 5 years, it's probably dropbear, but it could also be the other way around, you never can tell in advance.

Let me know what the server complains about and I'll be able to say more.

Best regards!

denis
denis bider Send private email
Thursday, October 13, 2005
 
 
Thank you for replying Denis,

The sshd is running off my Linksys wireless router wrt54g using 3rd party firmware dd-wrt v23.  I try to find out where I can enable the log to see what the sshd has to say.

Thanks again

BTW, using putty I was able to connect to the sshd server without any problem.
surfano63 Send private email
Thursday, October 13, 2005
 
 
Hey Denis,

I don't know how to get a log from the sshd server running on my wireless router wrt54gv4.  I've tried using Wallwatcher.  Router is supported in Wallwatcher, but not the dd-wrt firmware, so unable to capture log traffic.  I was wondering if you have any suggestions.

Thanks for you help
surfano63 Send private email
Friday, October 14, 2005
 
 
Finally capture some log file.

10-14-2005    18:33:59    Kernel.Info    192.168.10.1    dropbear[5760]: exit before auth: bad packet size
10-14-2005    18:33:56    Kernel.Info    192.168.10.1    dropbear[5760]: Child connection from 192.168.10.10:1216
10-14-2005    18:33:56    Kernel.Warning    192.168.10.1    kernel: ACCEPT IN=br0 OUT= MAC=00:14:bf:0f:1f:11:00:0c:e5:52:e3:2f:08:00 SRC=192.168.10.10 DST=192.168.10.1 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=8575 DF PROTO=TCP SPT=1216 DPT=22 SEQ=802902181 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B40103030101010402)

Thanks again
surfano63 Send private email
Friday, October 14, 2005
 
 
Try a different encryption algorithm. It seems the error is occuring right after key exchange. You aren't using compression, so there's no reason why Tunnelier would be sending very large packets at this stage. The "bad packet" error could therefore likely be a decryption problem. Try disabling twofish-cbc in Tunnelier. I'll be interested to know if that fixes it!
denis bider Send private email
Friday, October 14, 2005
 
 
you're da man...Denis

It works after I disabled both twofish256-cbc and twofish128-cbc

 :D  :)

Thanks for all your help
surfano63 Send private email
Saturday, October 15, 2005
 
 
I tested our Twofish implementation against ssh.com's implementation to make sure, and they interoperate. It's likely dropbear's implementation that's faulty. I suggest contacting its author and letting them know about the problem so that they can fix it for the future.

denis
denis bider Send private email
Saturday, October 15, 2005
 
 
Just posted a message to the author in a forum...thanks again
surfano63 Send private email
Saturday, October 15, 2005
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
 
Powered by FogBugz