SSH issues with Android/CM13 (OpenSSH_6.8, BoringSSL)

Advertisement

Maniaxx
Joined:
Posts:
2

SSH issues with Android/CM13 (OpenSSH_6.8, BoringSSL)

Hallo,
CyanogenMod13/Android6 comes with own SSHd server. I use it for years with WinSCP/PuTTY without problems but since CM13 WinSCP refuses to connect without any detailed error message. SSH client on Linux/Cygwin connects properly though (ssh 127.0.0.1 -i root -l privatekeyfile). Edit: The loopback address is the Google USB redirector to the Android device (ADB daemon).

I use public key authentication ('authorized_keys' on server). Neither my old keys (from 2012) nor newly generated ones do work with WinSCP anymore. It just "hangs up" after key exchange negotiation (i guess).

This is the WinSCP log:
. 2015-12-25 22:34:20.007 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.007 WinSCP Version 5.8 beta (Build 6030) (OS 6.1.7601 Service Pack 1 - Windows 7 Ultimate)
. 2015-12-25 22:34:20.009 Configuration: F:\Programme\WinSCP\WinSCP.ini
. 2015-12-25 22:34:20.010 Log level: Debug 1
. 2015-12-25 22:34:20.010 Local account: xxx
. 2015-12-25 22:34:20.010 Working directory: F:\Programme\WinSCP
. 2015-12-25 22:34:20.010 Process ID: 1904
. 2015-12-25 22:34:20.011 Command-line: xxx
. 2015-12-25 22:34:20.011 Time zone: Current: GMT+1, Standard: GMT+1 (Mitteleuropäische Zeit), DST: GMT+2 (Mitteleuropäische Sommerzeit), DST Start: 29.03.2015, DST End: 25.10.2015
. 2015-12-25 22:34:20.011 Login time: Freitag, 25. Dezember 2015 22:34:20
. 2015-12-25 22:34:20.011 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.011 Session name: Android@127.0.0.1 (Site)
. 2015-12-25 22:34:20.012 Host name: 127.0.0.1 (Port: 22)
. 2015-12-25 22:34:20.012 User name: root (Password: No, Key file: Yes)
. 2015-12-25 22:34:20.012 Tunnel: No
. 2015-12-25 22:34:20.012 Transfer Protocol: SFTP
. 2015-12-25 22:34:20.012 Ping type: Off, Ping interval: 30 sec; Timeout: 5 sec
. 2015-12-25 22:34:20.012 Disable Nagle: No
. 2015-12-25 22:34:20.012 Proxy: None
. 2015-12-25 22:34:20.012 Send buffer: 262144
. 2015-12-25 22:34:20.012 SSH protocol version: 2; Compression: No
. 2015-12-25 22:34:20.012 Bypass authentication: No
. 2015-12-25 22:34:20.012 Try agent: No; Agent forwarding: No; TIS/CryptoCard: No; KI: No; GSSAPI: No
. 2015-12-25 22:34:20.012 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2015-12-25 22:34:20.012 KEX: dh-gex-sha1,dh-group14-sha1,dh-group1-sha1,rsa,WARN
. 2015-12-25 22:34:20.012 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2015-12-25 22:34:20.012 Simple channel: Yes
. 2015-12-25 22:34:20.012 Return code variable: Autodetect; Lookup user groups: Auto
. 2015-12-25 22:34:20.012 Shell: /system/bin/sh
. 2015-12-25 22:34:20.012 EOL: LF, UTF: On
. 2015-12-25 22:34:20.012 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2015-12-25 22:34:20.012 LS: busybox ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2015-12-25 22:34:20.012 SFTP Bugs: Auto,Auto
. 2015-12-25 22:34:20.012 SFTP Server: default
. 2015-12-25 22:34:20.012 Local directory: D:\, Remote directory: /storage/sdcard1/ramdisk, Update: Yes, Cache: Yes
. 2015-12-25 22:34:20.012 Cache directory changes: Yes, Permanent: No
. 2015-12-25 22:34:20.012 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2015-12-25 22:34:20.012 DST mode: Unix
. 2015-12-25 22:34:20.012 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.076 Looking up host "127.0.0.1"
. 2015-12-25 22:34:20.076 Connecting to 127.0.0.1 port 22
. 2015-12-25 22:34:20.132 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.132 Detected network event
. 2015-12-25 22:34:20.165 Detected network event
. 2015-12-25 22:34:20.165 Server version: SSH-2.0-OpenSSH_6.8
. 2015-12-25 22:34:20.165 We believe remote version has SSH-2 channel request bug
. 2015-12-25 22:34:20.165 Using SSH protocol version 2
. 2015-12-25 22:34:20.165 We claim version: SSH-2.0-WinSCP_release_5.8
. 2015-12-25 22:34:20.165 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.169 Detected network event
. 2015-12-25 22:34:20.169 Doing Diffie-Hellman group exchange
. 2015-12-25 22:34:20.169 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.413 Detected network event
. 2015-12-25 22:34:20.413 Server unexpectedly closed network connection
* 2015-12-25 22:34:20.459 (EFatal) Server unexpectedly closed network connection.

This is the log from server side:
130|root@ks01lte:/data/ssh # /system/bin/sshd -D -d
debug1: sshd version OpenSSH_6.8, BoringSSL
debug1: key_load_public: No such file or directory
debug1: private host key #0: ssh-rsa SHA256:ye3ZPytKEuygg8zOV++XJw+tNdF9frrDvK5ngY9ITCU
debug1: key_load_private: No such file or directory
debug1: key_load_public: No such file or directory
Could not load host key: /data/ssh/ssh_host_dsa_key
debug1: rexec_argv[0]='/system/bin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9
debug1: inetd sockets after dupping: 5, 5
Connection from 127.0.0.1 port 56940 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version WinSCP_release_5.8
debug1: no match: WinSCP_release_5.8
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: permanently_set_uid: 2000/2000 [preauth]
debug1: list_hostkey_types: ssh-rsa [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client->server aes256-ctr hmac-sha2-256 none [preauth]
debug1: kex: server->client aes256-ctr hmac-sha2-256 none [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
WARNING: /data/ssh/moduli does not exist, using fixed modulus
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: monitor_read_log: child log fd closed
mm_request_receive: socket closed
debug1: do_cleanup
debug1: Killing privsep child 23825

And this is the server side log when successfully connecting with ssh/cygwin:
255|root@ks01lte:/data/ssh # /system/bin/sshd -D -d
debug1: sshd version OpenSSH_6.8, BoringSSL
debug1: key_load_public: No such file or directory
debug1: private host key #0: ssh-rsa SHA256:ye3ZPytKEuygg8zOV++XJw+tNdF9frrDvK5ngY9ITCU
debug1: key_load_private: No such file or directory
debug1: key_load_public: No such file or directory
Could not load host key: /data/ssh/ssh_host_dsa_key
debug1: rexec_argv[0]='/system/bin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9
debug1: inetd sockets after dupping: 5, 5
Connection from 127.0.0.1 port 56939 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version OpenSSH_6.9
debug1: match: OpenSSH_6.9 pat OpenSSH* compat 0x04000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: permanently_set_uid: 2000/2000 [preauth]
debug1: list_hostkey_types: ssh-rsa [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user root service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user root service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: trying public key file /data/ssh/authorized_keys
debug1: fd 9 clearing O_NONBLOCK
debug1: matching key found: file /data/ssh/authorized_keys, line 1 RSA SHA256:7jvs8/w0Ex7lpwEn3ZzrSSYEa7HmY3swK07MkfqH1pw
debug1: restore_uid: 0/0
Accepted publickey for root from 127.0.0.1 port 56939 ssh2: RSA SHA256:7jvs8/w0Ex7lpwEn3ZzrSSYEa7HmY3swK07MkfqH1pw
debug1: monitor_child_preauth: root has been authenticated by privileged process
debug1: monitor_read_log: child log fd closed
debug1: ssh_packet_set_postauth: called
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/ptmx
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on ptmx for root from 127.0.0.1 port 56939
debug1: Setting controlling tty using TIOCSCTTY.

This is my SSHd config file (sshd_config):
Protocol 2
HostKey /data/ssh/ssh_host_rsa_key
HostKey /data/ssh/ssh_host_dsa_key
PermitRootLogin without-password
AuthorizedKeysFile   /data/ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
PidFile /data/ssh/sshd.pid
Subsystem   sftp   /system/bin/sftp-server

Edit:
The SSH server seems to crash. Can we circumvent this somehow in WinSCP by enforcing a different stream cipher algorithm or something?
12-25 23:13:24.797: A/DEBUG(314): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
12-25 23:13:24.797: A/DEBUG(314): Build fingerprint: 'samsung/xxxxxx/xxxx:5.0.1/xxxx/xxxxxxxxxx:user/release-keys'
12-25 23:13:24.797: A/DEBUG(314): Revision: '0'
12-25 23:13:24.797: A/DEBUG(314): ABI: 'arm'
12-25 23:13:24.798: A/DEBUG(314): pid: 25719, tid: 25719, name: sshd  >>> /system/bin/sshd: [net] <<<
12-25 23:13:24.798: A/DEBUG(314): signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
12-25 23:13:24.802: W/NativeCrashListener(900): Couldn't find ProcessRecord for pid 25719
12-25 23:13:24.807: A/DEBUG(314):     r0 00000000  r1 00006477  r2 00000006  r3 00000000
12-25 23:13:24.807: E/DEBUG(314): AM write failed: Broken pipe
12-25 23:13:24.808: A/DEBUG(314):     r4 b6f87b88  r5 00000006  r6 b6f87b38  r7 0000010c
12-25 23:13:24.808: A/DEBUG(314):     r8 000016a4  r9 b6e8df34  sl fffffe88  fp b6fbb9d8
12-25 23:13:24.808: A/DEBUG(314):     ip 0000000d  sp beacf2e8  lr b6cdc42d  pc b6cdeb90  cpsr 200f0010
12-25 23:13:24.860: A/DEBUG(314): backtrace:
12-25 23:13:24.860: A/DEBUG(314):     #00 pc 00049b90  /system/lib/libc.so (tgkill+12)
12-25 23:13:24.861: A/DEBUG(314):     #01 pc 00047429  /system/lib/libc.so (pthread_kill+36)
12-25 23:13:24.861: A/DEBUG(314):     #02 pc 0001bbc3  /system/lib/libc.so (raise+10)
12-25 23:13:24.861: A/DEBUG(314):     #03 pc 0001846d  /system/lib/libc.so (__libc_android_abort+36)
12-25 23:13:24.861: A/DEBUG(314):     #04 pc 000164cc  /system/lib/libc.so (abort+4)
12-25 23:13:24.861: A/DEBUG(314):     #05 pc 00061e0d  /system/lib/libcrypto.so
12-25 23:13:24.862: A/DEBUG(314):     #06 pc 00061c89  /system/lib/libcrypto.so (RAND_bytes+276)
12-25 23:13:24.862: A/DEBUG(314):     #07 pc 0004143f  /system/lib/libcrypto.so (BN_rand+50)
12-25 23:13:24.862: A/DEBUG(314):     #08 pc 0004b5d3  /system/lib/libcrypto.so
12-25 23:13:24.862: A/DEBUG(314):     #09 pc 00024d25  /system/lib/libssh.so (dh_gen_key+44)
12-25 23:13:24.862: A/DEBUG(314):     #10 pc 0000cdc9  /system/bin/sshd
12-25 23:13:24.862: A/DEBUG(314):     #11 pc 000253d5  /system/lib/libssh.so (ssh_dispatch_run+232)
12-25 23:13:24.863: A/DEBUG(314):     #12 pc 00025491  /system/lib/libssh.so (ssh_dispatch_run_fatal+4)
12-25 23:13:24.863: A/DEBUG(314):     #13 pc 00020d6f  /system/bin/sshd
12-25 23:13:24.863: A/DEBUG(314):     #14 pc 000162f5  /system/lib/libc.so (__libc_init+52)
12-25 23:13:24.863: A/DEBUG(314):     #15 pc 000073e4  /system/bin/sshd
12-25 23:13:24.923: A/DEBUG(314): Tombstone written to: /data/tombstones/tombstone_00

Edit:
Weird.. I tested several Ciphers, KexAlgorithms and MACs with WinSCP. None do work anymore. Maybe Google hardens security a lot by only allowing latest algorithms in the future.

Will you support SSH2_MSG_KEX_ECDH_INIT, chacha20-poly1305@openssh.com anytime soon in WinSCP?

Reply with quote

Advertisement

Maniaxx
Joined:
Posts:
2

I tested some more and all DH KEX algorithms are broken on SSHd (server-side). Since WinSCP doesn't support any other (beside RSA-based kex that doesn't seem supported on the other side) there is no possibility atm to connect via WinSCP to this server.

As per RFC DH KEXs are a mandatory requirement so i will contact the CM devs to get that fixed.

Reply with quote

Advertisement

You can post new topics in this forum