[erlang-bugs] R16B03 ssh client is broken for keyboard-interactive
Simon Cornish
zl9d97p02@REDACTED
Wed Jan 15 11:04:02 CET 2014
Hi,
It seems like OTP-11363 breaks keyboard-interactive authentication by
introducing the ssh_message module.
The following messages will always be decoded as #ssh_msg_userauth_pk_ok{}
SSH2_MSG_USERAUTH_PK_OK
SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ
SSH2_MSG_USERAUTH_INFO_REQUEST
Which, when the server has keyboard-interactive as a preferred
authentication method results in an error like the one shown below.
Attached is the patch I used as a workaround. It's probably not the best
solution. Really, the decode should be aware of what messages are expected
from the current state of the connection.
Regards,
Simon
Error:
4> catch ssh:shell("localhost", 22, [{user, "x123"}, {password,"x123"},
{user_dir, "/tmp/simon/xxhd"}]).
{error,"Internal error"}
5>
=ERROR REPORT==== 14-Jan-2014::16:15:04 ===
Erlang ssh connection handler failed with reason: function_clause
, Stacktace: [{ssh_connection_handler,userauth,
[{ssh_msg_userauth_pk_ok,<<>>,
<<0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,9,80,97,115,115,119,
111,114,100,58,0>>},
{state,client,undefined,<0.32.0>,"x123",
{connection,[],28690,[],0,undefined,undefined,
undefined,
[{user_pid,<0.32.0>},
{host,"localhost"},
{idle_time,infinity},
{user_dir,"/tmp/simon/xxhd"},
{password,"x123"},
{user,"x123"}],
undefined,undefined,undefined,undefined},
0,infinity,tcp,gen_tcp,tcp_closed,
{ssh,client,
{"localhost",{{127,0,0,1},22}},
{2,0},
{2,0},
"SSH-2.0-Erlang","SSH-2.0-OpenSSH_5.6",
....
undefined,"x123","ssh-connection",false,
"publickey,keyboard-interactive,password",
["publickey","keyboard-interactive"],
[],
["ssh-rsa","ssh-dss"],
false},
#Port<0.1188>,<<>>,<<>>,undefined,
{ssh_msg_kexinit,
<<176,81,33,95,58,180,129,224,145,127,117,133,160,
53,16,241>>,
["diffie-hellman-group1-sha1"],
["ssh-rsa","ssh-dss"],
["aes128-cbc","3des-cbc"],
["aes128-cbc","3des-cbc"],
["hmac-sha1"],
["hmac-sha1"],
["none","zlib"],
["none","zlib"],
[],[],false,0},
false,undefined,undefined,undefined,
[{user_pid,<0.32.0>},
{host,"localhost"},
{idle_time,infinity},
{user_dir,"/tmp/simon/xxhd"},
{password,"x123"},
{user,"x123"}]}],
[{file,"ssh_connection_handler.erl"},{line,393}]},
{ssh_connection_handler,event,3,
[{file,"ssh_connection_handler.erl"},{line,1126}]},
{gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,505}]},
{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,239}]}]
please report this to erlang-bugs@REDACTED
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20140115/7c0cd91e/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssh-kbd-interactive.patch
Type: application/octet-stream
Size: 1181 bytes
Desc: not available
URL: <http://erlang.org/pipermail/erlang-bugs/attachments/20140115/7c0cd91e/attachment.obj>
More information about the erlang-bugs
mailing list