XShell 7 新版本修改了 signRequestAgentMsg 报文格式
zzmark opened this issue · comments
xshell 7 可能修改了 agent 协议,或者这个协议版本有所更新(没有具体追踪)
xshell 版本: xshell 7 Build 0157
开启 debug 后有 stderr 日志打印:
agent 13: ssh: parse error in message type 13
断点分析得出,新版本的 signRequestAgentMsg 报文,较标准协议,多出32bit 数据 => {0, 24, 15, 254}
多次尝试,后三个byte不稳定,看不出是什么
旧版本为缺少 Flags 部分,需要补32bit。
个人有个patch,简单粗暴的裁剪后32bit,测试可以使用,没有继续刨根问底。
若可以合并,我去提PR
附上修正前 xshell 日志
[BEGIN] 2024-05-06 19:00:09
[2024-05-06-19:0:9.735] Connection established.
[2024-05-06-19:0:9.735] To escape to local shell, press 'Ctrl+Alt+]'.
[2024-05-06-19:0:9.766] [19:00:09] Version exchange initiated...
[2024-05-06-19:0:9.766] [19:00:09] server: SSH-2.0-OpenSSH_8.7
[2024-05-06-19:0:9.766] [19:00:09] client: SSH-2.0-nsssh2_7.0.0040 NetSarang Computer, Inc.
[2024-05-06-19:0:9.766] [19:00:09] SSH2 is selected.
[2024-05-06-19:0:9.767] [19:00:09] Outgoing packet: 20 (0x14: SSH2_MSG_KEXINIT)
[2024-05-06-19:0:9.786] [19:00:09] Incoming packet: 20 (0x14: SSH2_MSG_KEXINIT)
[2024-05-06-19:0:9.787] [19:00:09] Algorithm negotiation initiated... (Dialog mode)
[2024-05-06-19:0:9.787] [19:00:09] key exchange: curve25519-sha256@libssh.org
[2024-05-06-19:0:9.787] [19:00:09] host key: rsa-sha2-256
[2024-05-06-19:0:9.787] [19:00:09] outgoing encryption: chacha20-poly1305@openssh.com
[2024-05-06-19:0:9.787] [19:00:09] incoming encryption: chacha20-poly1305@openssh.com
[2024-05-06-19:0:9.787] [19:00:09] outgoing mac: hmac-sha2-256-etm@openssh.com
[2024-05-06-19:0:9.787] [19:00:09] incoming mac: hmac-sha2-256-etm@openssh.com
[2024-05-06-19:0:9.787] [19:00:09] outgoing compression: none
[2024-05-06-19:0:9.787] [19:00:09] incoming compression: none
[2024-05-06-19:0:9.789] [19:00:09] Outgoing packet: 30 (0x1e: SSH2_MSG_KEXDH_INIT)
[2024-05-06-19:0:9.819] [19:00:09] Incoming packet: 31 (0x1f: SSH2_MSG_KEXDH_REPLY)
[2024-05-06-19:0:9.819] [19:00:09] Host authentication initiated...
[2024-05-06-19:0:9.820] [19:00:09] Hostkey fingerprint:
[2024-05-06-19:0:9.820] [19:00:09] rsa 3072 84:f4:6d:f9:11:01:21:3a:b5:0a:4f:f1:af:74:f0:67
[2024-05-06-19:0:9.822] [19:00:09] Accepted. Verifying host key...
[2024-05-06-19:0:9.822] [19:00:09] Verified.
[2024-05-06-19:0:9.822] [19:00:09] Outgoing packet: 21 (0x15: SSH2_MSG_NEWKEYS)
[2024-05-06-19:0:9.823] [19:00:09] Incoming packet: 21 (0x15: SSH2_MSG_NEWKEYS)
[2024-05-06-19:0:9.823] [19:00:09] Outgoing packet: 5 (0x05: SSH2_MSG_SERVICE_REQUEST)
[2024-05-06-19:0:9.823] [19:00:09] Incoming packet: 7 (0x07: SSH2_MSG_EXT_INFO)
[2024-05-06-19:0:9.824] [19:00:09] server-sig-algs = ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com
[2024-05-06-19:0:9.843] [19:00:09] Incoming packet: 6 (0x06: SSH2_MSG_SERVICE_ACCEPT)
[2024-05-06-19:0:9.843] [19:00:09] User authentication initiated... (Dialog mode)
[2024-05-06-19:0:9.843] [19:00:09] Sent user name 'root'.
[2024-05-06-19:0:9.844] [19:00:09] Outgoing packet: 50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:9.861] [19:00:09] Incoming packet: 51 (0x33: SSH2_MSG_USERAUTH_FAILURE)
[2024-05-06-19:0:9.861] [19:00:09] Server requested: publickey,gssapi-keyex,gssapi-with-mic
[2024-05-06-19:0:9.862] [19:00:09] Server support public key authentication method.
[2024-05-06-19:0:9.862] [19:00:09] Trying to find ssh-agent...
[2024-05-06-19:0:9.863] [19:00:09] Xagent is running. Connecting to ssh-agent...
[2024-05-06-19:0:9.863] [19:00:09] Auth method is agent.
[2024-05-06-19:0:12.468] [19:00:12] Received 2 identity-blob(s) from ssh-agent.
[2024-05-06-19:0:12.468] [19:00:12] Trying next identity blob...
[2024-05-06-19:0:12.468] [19:00:12] Outgoing packet: 50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:12.468] [19:00:12] UserKey type: keylen:0
[2024-05-06-19:0:12.484] [19:00:12] Incoming packet: 51 (0x33: SSH2_MSG_USERAUTH_FAILURE)
[2024-05-06-19:0:12.484] [19:00:12] Server rejected the public blob,
[2024-05-06-19:0:12.484] [19:00:12] Trying next identity blob...
[2024-05-06-19:0:12.484] [19:00:12] Outgoing packet: 50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:12.484] [19:00:12] UserKey type:ssh-ed25519 keylen:51
[2024-05-06-19:0:12.504] [19:00:12] Incoming packet: 60 (0x3c: SSH2_MSG_USERAUTH_PK_OK)
[2024-05-06-19:0:12.504] [19:00:12] Received PK_OK packet. Try to send signed key blob.
[2024-05-06-19:0:12.506] [19:00:12] Sent sign request to ssh-agent. ssh-ed25519
[2024-05-06-19:0:12.524] [19:00:12] Received an empty signature from ssh-agent.
[2024-05-06-19:0:12.524] [19:00:12] Trying next identity blob...
[2024-05-06-19:0:12.524] [19:00:12] Outgoing packet: 50 (0x32: SSH2_MSG_USERAUTH_REQUEST)
[2024-05-06-19:0:12.524] [19:00:12] UserKey type:ecdsa-sha2-nistp256 keylen:104
[2024-05-06-19:0:12.547] [19:00:12] Incoming packet: 60 (0x3c: SSH2_MSG_USERAUTH_PK_OK)
[2024-05-06-19:0:12.547] [19:00:12] Received PK_OK packet. Try to send signed key blob.
[2024-05-06-19:0:12.547] [19:00:12] Sent sign request to ssh-agent. ecdsa-sha2-nistp256
[2024-05-06-19:0:12.568] [19:00:12] Received an empty signature from ssh-agent.
[2024-05-06-19:0:12.569] [19:00:12] No more keys to try.
[2024-05-06-19:0:12.569] [19:00:12] Fall back to normal user authentication steps.
[2024-05-06-19:0:14.873] [19:00:14] Canceled.
[2024-05-06-19:0:14.873] [19:00:14] Outgoing packet: 1 (0x01: SSH2_MSG_DISCONNECT)
[2024-05-06-19:0:14.911] Connection closing...Socket close.
[2024-05-06-19:0:14.911]
[2024-05-06-19:0:14.911] Connection closed by foreign host.
[END] 2024-05-06 19:00:14
更新到最新版 XShell 7 Build 0157 后同样遇到无法认证的问题,但是构建了包含以上 Patch 的 WinCryptSSHAgent 仍然无法认证,回退到 Build 0151 解决了问题。
更新到最新版 XShell 7 Build 0157 后同样遇到无法认证的问题,但是构建了包含以上 Patch 的 WinCryptSSHAgent 仍然无法认证,回退到 Build 0151 解决了问题。
奇怪了,我从0157到0164日常使用,还没有问题
Xshell 8 Beta Build 0042 同样有此问题,构建了 Patch 也无法使用。ssh: parse error in message type 13 的消息仍然存在。
看了下 Patch 的代码,xshell.go:176 是否应该是 err != nil 而非 err == nil....
修了之后能跳出智能卡提示了,但插了 Yubikey 后显示如下图。
