Post a reply

Before posting, please read how to report bug or request support effectively.

Bug reports without an attached log file are usually useless.

Options
Add an Attachment

If you do not want to add an Attachment to your Post, please leave the Fields blank.

(maximum 10 MB; please compress large files; only common media, archive, text and programming file formats are allowed)

Options

Topic review

Maniaxx

I tested some more and all DH KEX algorithms are broken on SSHd (server-side). Since WinSCP doesn't support any other (beside RSA-based kex that doesn't seem supported on the other side) there is no possibility atm to connect via WinSCP to this server.

As per RFC DH KEXs are a mandatory requirement so i will contact the CM devs to get that fixed.
Maniaxx

SSH issues with Android/CM13 (OpenSSH_6.8, BoringSSL)

Hallo,
CyanogenMod13/Android6 comes with own SSHd server. I use it for years with WinSCP/PuTTY without problems but since CM13 WinSCP refuses to connect without any detailed error message. SSH client on Linux/Cygwin connects properly though (ssh 127.0.0.1 -i root -l privatekeyfile). Edit: The loopback address is the Google USB redirector to the Android device (ADB daemon).

I use public key authentication ('authorized_keys' on server). Neither my old keys (from 2012) nor newly generated ones do work with WinSCP anymore. It just "hangs up" after key exchange negotiation (i guess).

This is the WinSCP log:
. 2015-12-25 22:34:20.007 --------------------------------------------------------------------------

. 2015-12-25 22:34:20.007 WinSCP Version 5.8 beta (Build 6030) (OS 6.1.7601 Service Pack 1 - Windows 7 Ultimate)
. 2015-12-25 22:34:20.009 Configuration: F:\Programme\WinSCP\WinSCP.ini
. 2015-12-25 22:34:20.010 Log level: Debug 1
. 2015-12-25 22:34:20.010 Local account: xxx
. 2015-12-25 22:34:20.010 Working directory: F:\Programme\WinSCP
. 2015-12-25 22:34:20.010 Process ID: 1904
. 2015-12-25 22:34:20.011 Command-line: xxx
. 2015-12-25 22:34:20.011 Time zone: Current: GMT+1, Standard: GMT+1 (Mitteleuropäische Zeit), DST: GMT+2 (Mitteleuropäische Sommerzeit), DST Start: 29.03.2015, DST End: 25.10.2015
. 2015-12-25 22:34:20.011 Login time: Freitag, 25. Dezember 2015 22:34:20
. 2015-12-25 22:34:20.011 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.011 Session name: Android@127.0.0.1 (Site)
. 2015-12-25 22:34:20.012 Host name: 127.0.0.1 (Port: 22)
. 2015-12-25 22:34:20.012 User name: root (Password: No, Key file: Yes)
. 2015-12-25 22:34:20.012 Tunnel: No
. 2015-12-25 22:34:20.012 Transfer Protocol: SFTP
. 2015-12-25 22:34:20.012 Ping type: Off, Ping interval: 30 sec; Timeout: 5 sec
. 2015-12-25 22:34:20.012 Disable Nagle: No
. 2015-12-25 22:34:20.012 Proxy: None
. 2015-12-25 22:34:20.012 Send buffer: 262144
. 2015-12-25 22:34:20.012 SSH protocol version: 2; Compression: No
. 2015-12-25 22:34:20.012 Bypass authentication: No
. 2015-12-25 22:34:20.012 Try agent: No; Agent forwarding: No; TIS/CryptoCard: No; KI: No; GSSAPI: No
. 2015-12-25 22:34:20.012 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2015-12-25 22:34:20.012 KEX: dh-gex-sha1,dh-group14-sha1,dh-group1-sha1,rsa,WARN
. 2015-12-25 22:34:20.012 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2015-12-25 22:34:20.012 Simple channel: Yes
. 2015-12-25 22:34:20.012 Return code variable: Autodetect; Lookup user groups: Auto
. 2015-12-25 22:34:20.012 Shell: /system/bin/sh
. 2015-12-25 22:34:20.012 EOL: LF, UTF: On
. 2015-12-25 22:34:20.012 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2015-12-25 22:34:20.012 LS: busybox ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2015-12-25 22:34:20.012 SFTP Bugs: Auto,Auto
. 2015-12-25 22:34:20.012 SFTP Server: default
. 2015-12-25 22:34:20.012 Local directory: D:\, Remote directory: /storage/sdcard1/ramdisk, Update: Yes, Cache: Yes
. 2015-12-25 22:34:20.012 Cache directory changes: Yes, Permanent: No
. 2015-12-25 22:34:20.012 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2015-12-25 22:34:20.012 DST mode: Unix
. 2015-12-25 22:34:20.012 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.076 Looking up host "127.0.0.1"
. 2015-12-25 22:34:20.076 Connecting to 127.0.0.1 port 22
. 2015-12-25 22:34:20.132 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.132 Detected network event
. 2015-12-25 22:34:20.165 Detected network event
. 2015-12-25 22:34:20.165 Server version: SSH-2.0-OpenSSH_6.8
. 2015-12-25 22:34:20.165 We believe remote version has SSH-2 channel request bug
. 2015-12-25 22:34:20.165 Using SSH protocol version 2
. 2015-12-25 22:34:20.165 We claim version: SSH-2.0-WinSCP_release_5.8
. 2015-12-25 22:34:20.165 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.169 Detected network event
. 2015-12-25 22:34:20.169 Doing Diffie-Hellman group exchange
. 2015-12-25 22:34:20.169 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.413 Detected network event
. 2015-12-25 22:34:20.413 Server unexpectedly closed network connection
* 2015-12-25 22:34:20.459 (EFatal) Server unexpectedly closed network connection.


This is the log from server side:
130|root@ks01lte:/data/ssh # /system/bin/sshd -D -d

debug1: sshd version OpenSSH_6.8, BoringSSL
debug1: key_load_public: No such file or directory
debug1: private host key #0: ssh-rsa SHA256:ye3ZPytKEuygg8zOV++XJw+tNdF9frrDvK5ngY9ITCU
debug1: key_load_private: No such file or directory
debug1: key_load_public: No such file or directory
Could not load host key: /data/ssh/ssh_host_dsa_key
debug1: rexec_argv[0]='/system/bin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9
debug1: inetd sockets after dupping: 5, 5
Connection from 127.0.0.1 port 56940 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version WinSCP_release_5.8
debug1: no match: WinSCP_release_5.8
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: permanently_set_uid: 2000/2000 [preauth]
debug1: list_hostkey_types: ssh-rsa [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client->server aes256-ctr hmac-sha2-256 none [preauth]
debug1: kex: server->client aes256-ctr hmac-sha2-256 none [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
WARNING: /data/ssh/moduli does not exist, using fixed modulus
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: monitor_read_log: child log fd closed
mm_request_receive: socket closed
debug1: do_cleanup
debug1: Killing privsep child 23825


And this is the server side log when successfully connecting with ssh/cygwin:
255|root@ks01lte:/data/ssh # /system/bin/sshd -D -d

debug1: sshd version OpenSSH_6.8, BoringSSL
debug1: key_load_public: No such file or directory
debug1: private host key #0: ssh-rsa SHA256:ye3ZPytKEuygg8zOV++XJw+tNdF9frrDvK5ngY9ITCU
debug1: key_load_private: No such file or directory
debug1: key_load_public: No such file or directory
Could not load host key: /data/ssh/ssh_host_dsa_key
debug1: rexec_argv[0]='/system/bin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9
debug1: inetd sockets after dupping: 5, 5
Connection from 127.0.0.1 port 56939 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version OpenSSH_6.9
debug1: match: OpenSSH_6.9 pat OpenSSH* compat 0x04000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: permanently_set_uid: 2000/2000 [preauth]
debug1: list_hostkey_types: ssh-rsa [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user root service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user root service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: trying public key file /data/ssh/authorized_keys
debug1: fd 9 clearing O_NONBLOCK
debug1: matching key found: file /data/ssh/authorized_keys, line 1 RSA SHA256:7jvs8/w0Ex7lpwEn3ZzrSSYEa7HmY3swK07MkfqH1pw
debug1: restore_uid: 0/0
Accepted publickey for root from 127.0.0.1 port 56939 ssh2: RSA SHA256:7jvs8/w0Ex7lpwEn3ZzrSSYEa7HmY3swK07MkfqH1pw
debug1: monitor_child_preauth: root has been authenticated by privileged process
debug1: monitor_read_log: child log fd closed
debug1: ssh_packet_set_postauth: called
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/ptmx
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on ptmx for root from 127.0.0.1 port 56939
debug1: Setting controlling tty using TIOCSCTTY.


This is my SSHd config file (sshd_config):
Protocol 2

HostKey /data/ssh/ssh_host_rsa_key
HostKey /data/ssh/ssh_host_dsa_key
PermitRootLogin without-password
AuthorizedKeysFile   /data/ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
PidFile /data/ssh/sshd.pid
Subsystem   sftp   /system/bin/sftp-server


Edit:
The SSH server seems to crash. Can we circumvent this somehow in WinSCP by enforcing a different stream cipher algorithm or something?
12-25 23:13:24.797: A/DEBUG(314): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***

12-25 23:13:24.797: A/DEBUG(314): Build fingerprint: 'samsung/xxxxxx/xxxx:5.0.1/xxxx/xxxxxxxxxx:user/release-keys'
12-25 23:13:24.797: A/DEBUG(314): Revision: '0'
12-25 23:13:24.797: A/DEBUG(314): ABI: 'arm'
12-25 23:13:24.798: A/DEBUG(314): pid: 25719, tid: 25719, name: sshd  >>> /system/bin/sshd: [net] <<<
12-25 23:13:24.798: A/DEBUG(314): signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
12-25 23:13:24.802: W/NativeCrashListener(900): Couldn't find ProcessRecord for pid 25719
12-25 23:13:24.807: A/DEBUG(314):     r0 00000000  r1 00006477  r2 00000006  r3 00000000
12-25 23:13:24.807: E/DEBUG(314): AM write failed: Broken pipe
12-25 23:13:24.808: A/DEBUG(314):     r4 b6f87b88  r5 00000006  r6 b6f87b38  r7 0000010c
12-25 23:13:24.808: A/DEBUG(314):     r8 000016a4  r9 b6e8df34  sl fffffe88  fp b6fbb9d8
12-25 23:13:24.808: A/DEBUG(314):     ip 0000000d  sp beacf2e8  lr b6cdc42d  pc b6cdeb90  cpsr 200f0010
12-25 23:13:24.860: A/DEBUG(314): backtrace:
12-25 23:13:24.860: A/DEBUG(314):     #00 pc 00049b90  /system/lib/libc.so (tgkill+12)
12-25 23:13:24.861: A/DEBUG(314):     #01 pc 00047429  /system/lib/libc.so (pthread_kill+36)
12-25 23:13:24.861: A/DEBUG(314):     #02 pc 0001bbc3  /system/lib/libc.so (raise+10)
12-25 23:13:24.861: A/DEBUG(314):     #03 pc 0001846d  /system/lib/libc.so (__libc_android_abort+36)
12-25 23:13:24.861: A/DEBUG(314):     #04 pc 000164cc  /system/lib/libc.so (abort+4)
12-25 23:13:24.861: A/DEBUG(314):     #05 pc 00061e0d  /system/lib/libcrypto.so
12-25 23:13:24.862: A/DEBUG(314):     #06 pc 00061c89  /system/lib/libcrypto.so (RAND_bytes+276)
12-25 23:13:24.862: A/DEBUG(314):     #07 pc 0004143f  /system/lib/libcrypto.so (BN_rand+50)
12-25 23:13:24.862: A/DEBUG(314):     #08 pc 0004b5d3  /system/lib/libcrypto.so
12-25 23:13:24.862: A/DEBUG(314):     #09 pc 00024d25  /system/lib/libssh.so (dh_gen_key+44)
12-25 23:13:24.862: A/DEBUG(314):     #10 pc 0000cdc9  /system/bin/sshd
12-25 23:13:24.862: A/DEBUG(314):     #11 pc 000253d5  /system/lib/libssh.so (ssh_dispatch_run+232)
12-25 23:13:24.863: A/DEBUG(314):     #12 pc 00025491  /system/lib/libssh.so (ssh_dispatch_run_fatal+4)
12-25 23:13:24.863: A/DEBUG(314):     #13 pc 00020d6f  /system/bin/sshd
12-25 23:13:24.863: A/DEBUG(314):     #14 pc 000162f5  /system/lib/libc.so (__libc_init+52)
12-25 23:13:24.863: A/DEBUG(314):     #15 pc 000073e4  /system/bin/sshd
12-25 23:13:24.923: A/DEBUG(314): Tombstone written to: /data/tombstones/tombstone_00


Edit:
Weird.. I tested several Ciphers, KexAlgorithms and MACs with WinSCP. None do work anymore. Maybe Google hardens security a lot by only allowing latest algorithms in the future.

Will you support SSH2_MSG_KEX_ECDH_INIT, chacha20-poly1305@openssh.com anytime soon in WinSCP?