The arcfour256 algorithm fails to be configured with a specific mac algorithm #493
Comments
|
I have tried arcfour128 and other algorithms with higher security to perform connection operation through mina-sshd component, and the connection can be normal now. When arcfour256 algorithm is used, it is normal to connect the target device directly through the xshell client, but the connection using the mina-sshd component will be abnormal. When using the arcfour256 algorithm, I switched the openssh version of the target device in the scenario where the mina-sshd component was used to connect to the target device, and neither 5.3 nor 7.4 could be connected properly, nor could the target device in different network segments be connected properly.
When I was debugging, I found that the parameter of the eighth packet was changed to -8, which led to subsequent exceptions. Could it be that inCipherSize may not work for stream encryption algorithms? (such as arcfour256, also known as RC4), because stream encryption algorithms do not use the block concept. What is the configuration of mina-sshd or what configuration can I do on the target device to solve it? |
|
No idea. I just tested arcfour128 and arcfour256 against an OpenSSH 7.4 server in CentOS 7.9 (2009), and an Apache MINA SSHD 2.13.0-SNAPSHOT client works just fine. Maybe try the latest release 2.12.1, or the 2.13.0-SNAPSHOT available from the Apache snapshot repositories. |
I tried version 1.21.1 to connect and the problem still exists.
|
I found that when using arcfour256 algorithm, if the mac algorithm uses hmac-sha1-etm@openssh.com, The hmac-sha2-256-etm@openssh.com or hmac-sha2-512-etm@openssh.com algorithm will work, but any other mac algorithm will fail. version: 2.9.2 Protocol 2
Port 22
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
SyslogFacility AUTHPRIV
AuthorizedKeysFile .ssh/authorized_keys
PermitRootLogin yes
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
UseDNS yes
UsePAM yes
X11Forwarding yes
UsePrivilegeSeparation sandbox
AcceptEnv LANG LC_*
Subsystem sftp /usr/libexec/openssh/sftp-server |
czldb2
changed the title
czldb2
changed the title
|
OK, thank you. Essentially: arcfour256 works only with the This is a bug; it's caused by wrong block sizes being set. Yes, arcfour128 and arcfour256 are stream ciphers, but a block size must be set anyway because SSH RFC 4253 insists that
So for arcfour128 and arcfour256, the "blocksize" must be 8. Unfortunately, this is wrong at The last parameter must not be 16 or 32 but 8. arcfour128 works by chance, arcfour256 will fail for small packets. I'll push a fix soon. |
Arcfour is a stream cipher. The padding must then be such that the total SSH packet size is a multiple of 8. See RFC 4253: "the length of the concatenation of 'packet_length', 'padding_length', 'payload', and 'random padding' MUST be a multiple of the cipher block size or 8, whichever is larger. This constraint MUST be enforced, even when using stream ciphers."[1] Previous code had 16 and 32 as "block size" for these ciphers, which is wrong. Set it to 8. The wrong values 16 and 32 were added by mistake in commit 1166a5d in version 2.2.0. [1] https://datatracker.ietf.org/doc/html/rfc4253#page-7 Bug: #493
|
Thank you for your investigations. This is fixed with commit 5a78e6d. |
version:2.9.2
I configured my client to enable only arcfour256 algorithm, and then the server connecting to mina-sshd will encounter this exception, and the client connecting to a device supporting only arcfour256 algorithm through mina-sshd will also encounter this exception. But I'm fine with using the client connection directly
The following is the exception information:
The text was updated successfully, but these errors were encountered: