[Twisted-Python] hmac-sha2-512 - Corrupted MAC on input with OpenSSH

Craig Rodrigues rodrigc at crodrigues.org
Wed Dec 28 10:40:07 MST 2016 

Jianchen,

Can you provide more details about the server you are writing?

I cannot reproduce your problem with the latest Twisted code in trunk.

Here is what I did:


git clone https://github.com/twisted/twisted twisted-test
cd twisted-test
python setup.py develop
cd docs/conch/examples
mkdir ssh-examples
ckeygen -t rsa -f ssh-keys/ssh_host_rsa_key
twistd -ny demo_recvline.tac


I logged in with:


ssh username at 127.0.0.1 -m hmac-sha2-512 -vvv -p 6022

(using *username* for the login, and  *password* for the password)

>From the log, I saw:

debug1: Authenticating to 127.0.0.1:6022 as 'username'
debug3: put_host_port: [127.0.0.1]:6022
debug3: hostkeys_foreach: reading file "/Users/crodrigues/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file
/Users/crodrigues/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys from [127.0.0.1]:6022
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01 at openssh.com
,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256 at libssh.org
,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01 at openssh.com,rsa-sha2-512
,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01 at openssh.com,
ecdsa-sha2-nistp384-cert-v01 at openssh.com,
ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519-cert-v01 at openssh.com
,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305 at openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com,
aes256-gcm at openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: ciphers stoc: chacha20-poly1305 at openssh.com
,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com,
aes256-gcm at openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: MACs ctos: hmac-sha2-512
debug2: MACs stoc: hmac-sha2-512
debug2: compression ctos: none,zlib at openssh.com,zlib
debug2: compression stoc: none,zlib at openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms:
ecdh-sha2-nistp256,ecdh-sha2-nistk163,ecdh-sha2-nistp224,ecdh-sha2-nistk233,ecdh-sha2-nistb233,ecdh-sha2-nistp384,ecdh-sha2-nistk283,ecdh-sha2-nistk409,ecdh-sha2-nistb409,ecdh-sha2-nistp521,ecdh-sha2-nistt571,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa
debug2: ciphers ctos:
aes256-ctr,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,cast128-ctr,cast128-cbc,blowfish-cbc,
3des-cbc
debug2: ciphers stoc:
aes256-ctr,aes256-cbc,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,cast128-ctr,cast128-cbc,blowfish-cbc,
3des-cbc

debug2: MACs ctos: hmac-sha2-512,hmac-sha2-384,hmac-sha2-256
,hmac-sha1,hmac-md5

debug2: compression ctos: none,zlib
debug2: compression stoc: none,zlib
debug2: languages ctos:
debug2: languages stoc:debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-512
compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-512
compression: none
debug3: send packet: type 30
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ssh-rsa
SHA256:VP7JUyzN/BuRNuCOieijGHuF9fAylDBCYYJAtJ+gDO8
debug3: put_host_port: [127.0.0.1]:6022
debug3: put_host_port: [127.0.0.1]:6022
debug3: hostkeys_foreach: reading file "/Users/crodrigues/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file
/Users/crodrigues/.ssh/known_hosts:5
debug3: load_hostkeys: loaded 1 keys from [127.0.0.1]:6022
debug1: Host '[127.0.0.1]:6022' is known and matches the RSA host key.
debug1: Found key in /Users/crodrigues/.ssh/known_hosts:5
debug3: send packet: type 21
debug2: set_newkeys: mode 1



I did not see the problem that you saw.

--
Craig


On Tue, Dec 20, 2016 at 10:15 PM, 陈健 <chenjianhappy2008 at 126.com> wrote:

>  hi:
>
>     I write a SSH server with Twisted(15.5.0)  Conch.  But it  don't
> support hmac-sha2-512 MAC algorithms
> .  However I see this problem has been fixed in https://twistedmatrix.com/
> trac/ticket/8108 .  I asked the question in http://stackoverflow.com/
> questions/41254398/twisted-hmac-sha2-512-corrupted-mac-
> on-input-with-openssh .
>
> Best regards,
>  ---jianchen
>
>
>
>
>
> _______________________________________________
> Twisted-Python mailing list
> Twisted-Python at twistedmatrix.com
> http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/twisted-python/attachments/20161228/d1a79b16/attachment-0002.html>

More information about the Twisted-Python mailing list