SSH issues with Android/CM13 (OpenSSH_6.8, BoringSSL)
Hello,
CyanogenMod13/Android6 comes with its own SSHd server. I have used it for years with WinSCP/PuTTY without problems, but since CM13 WinSCP refuses to connect without any detailed error message. The SSH client on Linux/Cygwin connects properly, though (ssh 127.0.0.1 -i privatekeyfile -l root). Edit: The loopback address is the Google USB redirector to the Android device (ADB daemon).
I use public key authentication ('authorized_keys' on server). Neither my old keys (from 2012) nor newly generated ones work with WinSCP anymore. It just "hangs up" after key exchange negotiation (I guess).
This is the WinSCP log:
. 2015-12-25 22:34:20.007 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.007 WinSCP Version 5.8 beta (Build 6030) (OS 6.1.7601 Service Pack 1 - Windows 7 Ultimate)
. 2015-12-25 22:34:20.009 Configuration: F:\Programme\WinSCP\WinSCP.ini
. 2015-12-25 22:34:20.010 Log level: Debug 1
. 2015-12-25 22:34:20.010 Local account: xxx
. 2015-12-25 22:34:20.010 Working directory: F:\Programme\WinSCP
. 2015-12-25 22:34:20.010 Process ID: 1904
. 2015-12-25 22:34:20.011 Command-line: xxx
. 2015-12-25 22:34:20.011 Time zone: Current: GMT+1, Standard: GMT+1 (Mitteleuropäische Zeit), DST: GMT+2 (Mitteleuropäische Sommerzeit), DST Start: 29.03.2015, DST End: 25.10.2015
. 2015-12-25 22:34:20.011 Login time: Freitag, 25. Dezember 2015 22:34:20
. 2015-12-25 22:34:20.011 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.011 Session name: Android@127.0.0.1 (Site)
. 2015-12-25 22:34:20.012 Host name: 127.0.0.1 (Port: 22)
. 2015-12-25 22:34:20.012 User name: root (Password: No, Key file: Yes)
. 2015-12-25 22:34:20.012 Tunnel: No
. 2015-12-25 22:34:20.012 Transfer Protocol: SFTP
. 2015-12-25 22:34:20.012 Ping type: Off, Ping interval: 30 sec; Timeout: 5 sec
. 2015-12-25 22:34:20.012 Disable Nagle: No
. 2015-12-25 22:34:20.012 Proxy: None
. 2015-12-25 22:34:20.012 Send buffer: 262144
. 2015-12-25 22:34:20.012 SSH protocol version: 2; Compression: No
. 2015-12-25 22:34:20.012 Bypass authentication: No
. 2015-12-25 22:34:20.012 Try agent: No; Agent forwarding: No; TIS/CryptoCard: No; KI: No; GSSAPI: No
. 2015-12-25 22:34:20.012 Ciphers: aes,blowfish,3des,WARN,arcfour,des; Ssh2DES: No
. 2015-12-25 22:34:20.012 KEX: dh-gex-sha1,dh-group14-sha1,dh-group1-sha1,rsa,WARN
. 2015-12-25 22:34:20.012 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto
. 2015-12-25 22:34:20.012 Simple channel: Yes
. 2015-12-25 22:34:20.012 Return code variable: Autodetect; Lookup user groups: Auto
. 2015-12-25 22:34:20.012 Shell: /system/bin/sh
. 2015-12-25 22:34:20.012 EOL: LF, UTF: On
. 2015-12-25 22:34:20.012 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes
. 2015-12-25 22:34:20.012 LS: busybox ls -la, Ign LS warn: Yes, Scp1 Comp: No
. 2015-12-25 22:34:20.012 SFTP Bugs: Auto,Auto
. 2015-12-25 22:34:20.012 SFTP Server: default
. 2015-12-25 22:34:20.012 Local directory: D:\, Remote directory: /storage/sdcard1/ramdisk, Update: Yes, Cache: Yes
. 2015-12-25 22:34:20.012 Cache directory changes: Yes, Permanent: No
. 2015-12-25 22:34:20.012 Recycle bin: Delete to: No, Overwritten to: No, Bin path:
. 2015-12-25 22:34:20.012 DST mode: Unix
. 2015-12-25 22:34:20.012 --------------------------------------------------------------------------
. 2015-12-25 22:34:20.076 Looking up host "127.0.0.1"
. 2015-12-25 22:34:20.076 Connecting to 127.0.0.1 port 22
. 2015-12-25 22:34:20.132 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.132 Detected network event
. 2015-12-25 22:34:20.165 Detected network event
. 2015-12-25 22:34:20.165 Server version: SSH-2.0-OpenSSH_6.8
. 2015-12-25 22:34:20.165 We believe remote version has SSH-2 channel request bug
. 2015-12-25 22:34:20.165 Using SSH protocol version 2
. 2015-12-25 22:34:20.165 We claim version: SSH-2.0-WinSCP_release_5.8
. 2015-12-25 22:34:20.165 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.169 Detected network event
. 2015-12-25 22:34:20.169 Doing Diffie-Hellman group exchange
. 2015-12-25 22:34:20.169 Waiting for the server to continue with the initialization
. 2015-12-25 22:34:20.413 Detected network event
. 2015-12-25 22:34:20.413 Server unexpectedly closed network connection
* 2015-12-25 22:34:20.459 (EFatal) Server unexpectedly closed network connection.
This is the log from server side:
130|root@ks01lte:/data/ssh # /system/bin/sshd -D -d
debug1: sshd version OpenSSH_6.8, BoringSSL
debug1: key_load_public: No such file or directory
debug1: private host key #0: ssh-rsa SHA256:ye3ZPytKEuygg8zOV++XJw+tNdF9frrDvK5ngY9ITCU
debug1: key_load_private: No such file or directory
debug1: key_load_public: No such file or directory
Could not load host key: /data/ssh/ssh_host_dsa_key
debug1: rexec_argv[0]='/system/bin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9
debug1: inetd sockets after dupping: 5, 5
Connection from 127.0.0.1 port 56940 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version WinSCP_release_5.8
debug1: no match: WinSCP_release_5.8
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: permanently_set_uid: 2000/2000 [preauth]
debug1: list_hostkey_types: ssh-rsa [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client->server aes256-ctr hmac-sha2-256 none [preauth]
debug1: kex: server->client aes256-ctr hmac-sha2-256 none [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
WARNING: /data/ssh/moduli does not exist, using fixed modulus
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
debug1: monitor_read_log: child log fd closed
mm_request_receive: socket closed
debug1: do_cleanup
debug1: Killing privsep child 23825
And this is the server side log when successfully connecting with ssh/cygwin:
255|root@ks01lte:/data/ssh # /system/bin/sshd -D -d
debug1: sshd version OpenSSH_6.8, BoringSSL
debug1: key_load_public: No such file or directory
debug1: private host key #0: ssh-rsa SHA256:ye3ZPytKEuygg8zOV++XJw+tNdF9frrDvK5ngY9ITCU
debug1: key_load_private: No such file or directory
debug1: key_load_public: No such file or directory
Could not load host key: /data/ssh/ssh_host_dsa_key
debug1: rexec_argv[0]='/system/bin/sshd'
debug1: rexec_argv[1]='-D'
debug1: rexec_argv[2]='-d'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 9
debug1: inetd sockets after dupping: 5, 5
Connection from 127.0.0.1 port 56939 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version OpenSSH_6.9
debug1: match: OpenSSH_6.9 pat OpenSSH* compat 0x04000000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.8
debug1: permanently_set_uid: 2000/2000 [preauth]
debug1: list_hostkey_types: ssh-rsa [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: kex: server->client chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user root service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user root service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: trying public key file /data/ssh/authorized_keys
debug1: fd 9 clearing O_NONBLOCK
debug1: matching key found: file /data/ssh/authorized_keys, line 1 RSA SHA256:7jvs8/w0Ex7lpwEn3ZzrSSYEa7HmY3swK07MkfqH1pw
debug1: restore_uid: 0/0
Accepted publickey for root from 127.0.0.1 port 56939 ssh2: RSA SHA256:7jvs8/w0Ex7lpwEn3ZzrSSYEa7HmY3swK07MkfqH1pw
debug1: monitor_child_preauth: root has been authenticated by privileged process
debug1: monitor_read_log: child log fd closed
debug1: ssh_packet_set_postauth: called
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/ptmx
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on ptmx for root from 127.0.0.1 port 56939
debug1: Setting controlling tty using TIOCSCTTY.
This is my SSHd config file (sshd_config):
Protocol 2
HostKey /data/ssh/ssh_host_rsa_key
HostKey /data/ssh/ssh_host_dsa_key
PermitRootLogin without-password
AuthorizedKeysFile /data/ssh/authorized_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
PidFile /data/ssh/sshd.pid
Subsystem sftp /system/bin/sftp-server
Edit:
The SSH server seems to crash. Can we circumvent this somehow in WinSCP by enforcing a different stream cipher algorithm or something?
12-25 23:13:24.797: A/DEBUG(314): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
12-25 23:13:24.797: A/DEBUG(314): Build fingerprint: 'samsung/xxxxxx/xxxx:5.0.1/xxxx/xxxxxxxxxx:user/release-keys'
12-25 23:13:24.797: A/DEBUG(314): Revision: '0'
12-25 23:13:24.797: A/DEBUG(314): ABI: 'arm'
12-25 23:13:24.798: A/DEBUG(314): pid: 25719, tid: 25719, name: sshd >>> /system/bin/sshd: [net] <<<
12-25 23:13:24.798: A/DEBUG(314): signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
12-25 23:13:24.802: W/NativeCrashListener(900): Couldn't find ProcessRecord for pid 25719
12-25 23:13:24.807: A/DEBUG(314): r0 00000000 r1 00006477 r2 00000006 r3 00000000
12-25 23:13:24.807: E/DEBUG(314): AM write failed: Broken pipe
12-25 23:13:24.808: A/DEBUG(314): r4 b6f87b88 r5 00000006 r6 b6f87b38 r7 0000010c
12-25 23:13:24.808: A/DEBUG(314): r8 000016a4 r9 b6e8df34 sl fffffe88 fp b6fbb9d8
12-25 23:13:24.808: A/DEBUG(314): ip 0000000d sp beacf2e8 lr b6cdc42d pc b6cdeb90 cpsr 200f0010
12-25 23:13:24.860: A/DEBUG(314): backtrace:
12-25 23:13:24.860: A/DEBUG(314): #00 pc 00049b90 /system/lib/libc.so (tgkill+12)
12-25 23:13:24.861: A/DEBUG(314): #01 pc 00047429 /system/lib/libc.so (pthread_kill+36)
12-25 23:13:24.861: A/DEBUG(314): #02 pc 0001bbc3 /system/lib/libc.so (raise+10)
12-25 23:13:24.861: A/DEBUG(314): #03 pc 0001846d /system/lib/libc.so (__libc_android_abort+36)
12-25 23:13:24.861: A/DEBUG(314): #04 pc 000164cc /system/lib/libc.so (abort+4)
12-25 23:13:24.861: A/DEBUG(314): #05 pc 00061e0d /system/lib/libcrypto.so
12-25 23:13:24.862: A/DEBUG(314): #06 pc 00061c89 /system/lib/libcrypto.so (RAND_bytes+276)
12-25 23:13:24.862: A/DEBUG(314): #07 pc 0004143f /system/lib/libcrypto.so (BN_rand+50)
12-25 23:13:24.862: A/DEBUG(314): #08 pc 0004b5d3 /system/lib/libcrypto.so
12-25 23:13:24.862: A/DEBUG(314): #09 pc 00024d25 /system/lib/libssh.so (dh_gen_key+44)
12-25 23:13:24.862: A/DEBUG(314): #10 pc 0000cdc9 /system/bin/sshd
12-25 23:13:24.862: A/DEBUG(314): #11 pc 000253d5 /system/lib/libssh.so (ssh_dispatch_run+232)
12-25 23:13:24.863: A/DEBUG(314): #12 pc 00025491 /system/lib/libssh.so (ssh_dispatch_run_fatal+4)
12-25 23:13:24.863: A/DEBUG(314): #13 pc 00020d6f /system/bin/sshd
12-25 23:13:24.863: A/DEBUG(314): #14 pc 000162f5 /system/lib/libc.so (__libc_init+52)
12-25 23:13:24.863: A/DEBUG(314): #15 pc 000073e4 /system/bin/sshd
12-25 23:13:24.923: A/DEBUG(314): Tombstone written to: /data/tombstones/tombstone_00
Edit:
Weird... I tested several Ciphers, KexAlgorithms and MACs with WinSCP. None of them work anymore. Maybe Google hardens security a lot by only allowing the latest algorithms in the future.
Will you support SSH2_MSG_KEX_ECDH_INIT, chacha20-poly1305@openssh.com anytime soon in WinSCP?
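
Added example, not part of the original post and not WinSCP or OpenSSH code: a small Python triage of the two server traces above. It shows that the WinSCP session is lost in the Diffie-Hellman group exchange right after SSH2_MSG_KEX_DH_GEX_GROUP is sent, while the OpenSSH client negotiated ECDH and completed the key exchange. The names `triage`, `FAILED` and `WORKED` are hypothetical, and the sample lines are abridged from the logs in the post.

```python
import re

# Abridged excerpts of the two `sshd -D -d` traces quoted in the post above.
FAILED = """\
debug1: Client protocol version 2.0; client software version WinSCP_release_5.8
debug1: kex: client->server aes256-ctr hmac-sha2-256 none [preauth]
debug1: expecting SSH2_MSG_KEX_DH_GEX_REQUEST [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received [preauth]
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent [preauth]
mm_request_receive: socket closed
"""
WORKED = """\
debug1: Client protocol version 2.0; client software version OpenSSH_6.9
debug1: kex: client->server chacha20-poly1305@openssh.com <implicit> none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: KEX done [preauth]
"""

CLIENT = re.compile(r"client software version (\S+)")
CIPHER = re.compile(r"kex: client->server (\S+)")
# Method-specific KEX messages only; SSH2_MSG_KEXINIT has no "_" after KEX.
KEXMSG = re.compile(r"(SSH2_MSG_KEX_\w+) (?:sent|received)|expecting (SSH2_MSG_KEX_\w+)")

def triage(log):
    """Report how far the pre-auth key exchange got in one sshd -d trace."""
    r = {"client": None, "cipher": None, "kex_family": None,
         "last_kex_msg": None, "kex_done": False, "child_lost": False}
    for line in log.splitlines():
        if m := CLIENT.search(line):
            r["client"] = m.group(1)
        if m := CIPHER.search(line):
            r["cipher"] = m.group(1)
        if m := KEXMSG.search(line):
            msg = m.group(1) or m.group(2)
            r["last_kex_msg"] = msg
            r["kex_family"] = ("dh-gex" if "DH_GEX" in msg
                               else "ecdh" if "ECDH" in msg else "dh")
        r["kex_done"] |= "KEX done" in line
        # The monitor logs this when its pipe to the privsep child closes.
        r["child_lost"] |= "mm_request_receive: socket closed" in line
    if r["kex_done"]:
        r["verdict"] = "ok"
    elif r["child_lost"]:
        r["verdict"] = f"preauth child lost during {r['kex_family']} key exchange"
    else:
        r["verdict"] = "incomplete trace"
    return r
```

The trace alone only shows that the pre-auth child went away; the logcat tombstone in the post is what ties it to an abort under `dh_gen_key`.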