-
-
Notifications
You must be signed in to change notification settings - Fork 939
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
String reference not set to an instance of a String. Parameter name: s - version 2020.0.2 #1237
Comments
i think i've found the issue which might point to a BUG
code example :
` when there is an issue / authentication method not defined when i've change the order / removed the user interactive everything worked fine |
I came across this same issue when I was implementing some of the more recent updates to the library. It has since been fixed in the latest builds. I started with a 2016.x.x version (in 2017) and I highly modified the library to meet my specific needs. The commit "Allow for easier troubleshooting of protocol version exchange." broke it. The issue stems from Session.Connect(). Prior to 2020.x.x:
2020.x.x
Latest Build:
Session.ClientVersion is initialized in Session.Session(), which, IMO, is a really bad place to put it. So, I changed it to a static readonly string, dropped it to ConnectionInfo (since it is technically connection information), and updated Session.ClientVersion to pull from there. However for 2020.x.x, the values are simply passed down to ConnectionInfo and Session.Serversion is never initialized, so the exception is thrown in CalculateHash() when passing Session.ServerVersion to ExchangeHashData. The latest version fixed that, but it seems a bit redundant since it can be fixed without modifying Session.Connect() by modifying the local properties:
Cheers, |
@lifeincha0s having said that this is clearly a bug in the SSH.NET |
continue to our conversation ..
this is the AuthenticationPrompt implementation function but for now it seems , at least for me , the issue is on the SSH.NET side no ? |
|
unfortunately , no , this is the first time this issue happens for us :) this issue happens only for this customer . NOTE : this issue happens for domain user only , for local user it works fine |
OK, understood. I'm sorry but I don't think any of that is related to SSH.NET and I can't help you on that. If you believe it is related, you can try troubleshooting using https://github.com/sshnet/SSH.NET/wiki/Troubleshooting-SSH.NET and report back. I hope you find a solution. |
i have to admit it sounds like an adge case , when something is blocking the Keyboard-interactive we are still waiting to get more information about the customer environment , so we could understand what is the issue |
would like to better understand what can / needs to be done public SshClient(IMachine machine, string username, SecureString password, int port, TimeSpan connectionTimeout)
{
try
{
ConnectionInfo = new PasswordConnectionInfo(machine.Address, username, password, port);
var authenticationMethods = new List<Renci.SshNet.AuthenticationMethod>();
var includeKeyboardInteractiveMethod = IOC.Get.Service<IConfig>().GetBool("IncludeKeyboardInteractiveMethod", true, false);
var keyboardAuth = new KeyboardInteractiveAuthenticationMethod(username);
keyboardAuth.AuthenticationPrompt += keyboardAuthentication_AuthenticationPrompt;
IOC.Get.Service<ILogService>().Write($"IncludeKeyboardInteractiveMethod value is : {includeKeyboardInteractiveMethod}", LogTarget.Trace);
if (includeKeyboardInteractiveMethod)
{
authenticationMethods.Add(keyboardAuth);
}
authenticationMethods.Add(new Renci.SshNet.PasswordAuthenticationMethod(username, password.GetStringFromSecureString()));
var connectionInfo = new Renci.SshNet.ConnectionInfo(machine.Address, port, username, authenticationMethods.ToArray());
connectionInfo.Timeout = connectionTimeout;
_client = new Renci.SshNet.SshClient(connectionInfo);
setShellColumns(machine);
}
catch (Exception ex)
{
throw new Exception(string.Format(LogMessages.DNAPR209E, ex.Message), ex);
}
} the implementation for keyboardAuthentication_AuthenticationPrompt is private void keyboardAuthentication_AuthenticationPrompt(object sender, Renci.SshNet.Common.AuthenticationPromptEventArgs e)
{
if (ConnectionInfo.AuthenticationMethod is PasswordAuthenticationMethod)
{
var passwordConnection = (PasswordAuthenticationMethod)ConnectionInfo.AuthenticationMethod;
var passwordRegex = new Regex(IOC.Get.Service<IUnixConfigReader>().LoginPasswordPrompt, RegexOptions.Multiline | RegexOptions.IgnoreCase);
IOC.Get.Service<ILogService>().Write(LogMessages.DNAPR618I, LogTarget.Trace);
foreach (var prompt in e.Prompts)
{
IOC.Get.Service<ILogService>().Write(LogMessages.DNAPR619I, LogTarget.Trace, prompt.Request);
if (passwordRegex.IsMatch(prompt.Request))
{
prompt.Response = passwordConnection.Password.GetStringFromSecureString();
}
else
{
IOC.Get.Service<ILogService>().Write(LogMessages.DNAPR673E, LogTarget.Trace, prompt.Request);
}
}
}
} ** this is the Login prompt regex - @"^Password: ?$|'+s password: ?$"; 11/9/2023 8:40:27 AM [5960][7] - Connect - DNAPR722E Failed to initialize SSH client to remote machine Machine-IP. Error: String reference not set to an instance of a String. as you could see the DNAPR618I is not show in the logs ( so something is clearly failing in an earlier stage) when the bold section was removed from the prompt everything worked fine. would you agree , that in case one , authentication throws an exception thanks |
(FYI I edited your comment to format the code blocks: you need to surround with 3 ticks instead of 1 ( I don't know what Aside from that, your regex will indeed not match "Password for username@domain", so maybe the regex could be changed. As for whether the authentication process should continue on exception, it will already continue if for example, the wrong key or password is given as part of the normal procedure. But in an "exceptional" case like this one, which in fact indicates a problem in the code, I do not think the process should continue. What you could do is have an Similarly we could null-coalesce the response to an empty string during serialisation, but (again) I think this is working around incorrect usage of the code. I don't have strong opinion here. |
Hi
but as i said, when the customer changed his prompt
from : Password for ***@***.***
to : password:
everything worked and we could see the *DNAPR618I *log -> meaning
keyboardAuthentication_AuthenticationPrompt was called.
and since we could not see the *DNAPR618I ,* i assume there is an issue on
the SSH.NET side .
not handling it by throwing an exception.
System.ArgumentNullException: String reference not set to an instance of a
String.
Parameter name: s
at
Renci.SshNet.KeyboardInteractiveAuthenticationMethod.Authenticate(Session
session)
at Renci.SshNet.ClientAuthentication.TryAuthenticate(ISession session,
AuthenticationState authenticationState, String[]
allowedAuthenticationMethods, SshAuthenticationException&
authenticationException)
at
Renci.SshNet.ClientAuthentication.Authenticate(IConnectionInfoInternal
connectionInfo, ISession session)
at Renci.SshNet.ConnectionInfo.Authenticate(ISession session,
IServiceFactory serviceFactory)
at Renci.SshNet.Session.Connect()
at Renci.SshNet.BaseClient.CreateAndConnectSession()
at Renci.SshNet.BaseClient.Connect()
at Cyberark.DNA.Common.Communication.SSH.SshClient.Connect()
and not passing the second provided authentication method
** We have in our code the ability to control the prompt regex, but I have
to admit, it seems like
something is failing in an earlier stage
thanks
Amit
…On Mon, Dec 4, 2023 at 6:28 PM Rob Hague ***@***.***> wrote:
(FYI I edited your comment to format the code blocks: you need to surround
with 3 ticks instead of 1 (```)
I don't know what ConnectionInfo is in your code, but I'm guessing it is
not Renci.SshNet.ConnectionInfo. Could the if
(ConnectionInfo.AuthenticationMethod is PasswordAuthenticationMethod) be
false which stops DNAPR618I? If it is true then I can't explain why the log
does not show.
Aside from that, your regex will indeed not match "Password for
***@***.***", so maybe the regex could be changed.
As for whether the authentication process should continue on exception, it
will already continue if for example, the wrong key or password is given as
part of the normal procedure. But in an "exceptional" case like this one,
which in fact indicates a problem in the code, I do not think the process
should continue.
What you could do is have an else in
keyboardAuthentication_AuthenticationPrompt which just sets all the prompt.Response
= "".
Similarly we could null-coalesce the response to an empty string during
serialisation, but (again) I think this is working around incorrect usage
of the code. I don't have strong opinion here.
—
Reply to this email directly, view it on GitHub
<#1237 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACKFETQNT2PAZYXWPUSOSTLYHX23RAVCNFSM6AAAAAA7H4AWDOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMZZGAYDINJYGM>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
i've finally understood what you mean about the if statement, which might
affect the process.
still , dont you think.
when providing more than one authentication method , than we should move
and try to second authentication method ?
…On Tue, Dec 5, 2023 at 10:24 AM Amit Barkai ***@***.***> wrote:
Hi
but as i said, when the customer changed his prompt
from : Password for ***@***.***
to : password:
everything worked and we could see the *DNAPR618I *log -> meaning
keyboardAuthentication_AuthenticationPrompt was called.
and since we could not see the *DNAPR618I ,* i assume there is an issue
on the SSH.NET side .
not handling it by throwing an exception.
System.ArgumentNullException: String reference not set to an instance of
a String.
Parameter name: s
at
Renci.SshNet.KeyboardInteractiveAuthenticationMethod.Authenticate(Session
session)
at Renci.SshNet.ClientAuthentication.TryAuthenticate(ISession session,
AuthenticationState authenticationState, String[]
allowedAuthenticationMethods, SshAuthenticationException&
authenticationException)
at
Renci.SshNet.ClientAuthentication.Authenticate(IConnectionInfoInternal
connectionInfo, ISession session)
at Renci.SshNet.ConnectionInfo.Authenticate(ISession session,
IServiceFactory serviceFactory)
at Renci.SshNet.Session.Connect()
at Renci.SshNet.BaseClient.CreateAndConnectSession()
at Renci.SshNet.BaseClient.Connect()
at Cyberark.DNA.Common.Communication.SSH.SshClient.Connect()
and not passing the second provided authentication method
** We have in our code the ability to control the prompt regex, but I have
to admit, it seems like
something is failing in an earlier stage
thanks
Amit
On Mon, Dec 4, 2023 at 6:28 PM Rob Hague ***@***.***> wrote:
> (FYI I edited your comment to format the code blocks: you need to
> surround with 3 ticks instead of 1 (```)
>
> I don't know what ConnectionInfo is in your code, but I'm guessing it is
> not Renci.SshNet.ConnectionInfo. Could the if
> (ConnectionInfo.AuthenticationMethod is PasswordAuthenticationMethod) be
> false which stops DNAPR618I? If it is true then I can't explain why the log
> does not show.
>
> Aside from that, your regex will indeed not match "Password for
> ***@***.***", so maybe the regex could be changed.
>
> As for whether the authentication process should continue on exception,
> it will already continue if for example, the wrong key or password is given
> as part of the normal procedure. But in an "exceptional" case like this
> one, which in fact indicates a problem in the code, I do not think the
> process should continue.
>
> What you could do is have an else in
> keyboardAuthentication_AuthenticationPrompt which just sets all the prompt.Response
> = "".
>
> Similarly we could null-coalesce the response to an empty string during
> serialisation, but (again) I think this is working around incorrect usage
> of the code. I don't have strong opinion here.
>
> —
> Reply to this email directly, view it on GitHub
> <#1237 (comment)>,
> or unsubscribe
> <https://github.com/notifications/unsubscribe-auth/ACKFETQNT2PAZYXWPUSOSTLYHX23RAVCNFSM6AAAAAA7H4AWDOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMZZGAYDINJYGM>
> .
> You are receiving this because you authored the thread.Message ID:
> ***@***.***>
>
|
The 2023.0.1 version has been released to Nuget: https://www.nuget.org/packages/SSH.NET/2023.0.1 |
Hi All
i am using version 2020.0.2 and getting the following exception while trying to connect to linux machine
System.ArgumentNullException: String reference not set to an instance of a String.
Parameter name: s
at Renci.SshNet.KeyboardInteractiveAuthenticationMethod.Authenticate(Session session)
at Renci.SshNet.ClientAuthentication.TryAuthenticate(ISession session, AuthenticationState authenticationState, String[] allowedAuthenticationMethods, SshAuthenticationException& authenticationException)
at Renci.SshNet.ClientAuthentication.Authenticate(IConnectionInfoInternal connectionInfo, ISession session)
at Renci.SshNet.ConnectionInfo.Authenticate(ISession session, IServiceFactory serviceFactory)
at Renci.SshNet.Session.Connect()
at Renci.SshNet.BaseClient.CreateAndConnectSession()
at Renci.SshNet.BaseClient.Connect()
when trying to connect vis Putty everything works just fine.
` var keyboardAuth = new KeyboardInteractiveAuthenticationMethod(username);
keyboardAuth.AuthenticationPrompt += keyboardAuthentication_AuthenticationPrompt;
_client.Connect()`
could you please explain what is happening here?
The text was updated successfully, but these errors were encountered: