Subject: libssh2 failing to provide remote host key?

libssh2 failing to provide remote host key?

From: Lars Kellogg-Stedman <lars_at_oddbit.com>
Date: Fri, 18 Jun 2010 09:54:29 -0400

Hello all,

I've just started working with libssh2 and I've run into a problem
that I've seen some other folks describe, but to which I haven't yet
seen a good solution. If someone can shed some light on this I would
appreciate it.

If I connect to a remote host with libssh2, the call to
libssh2_session_startup returns successfully (return code == 0).
However, inspecting the internal data structures at this point shows:

  session->err_msg = "Unable to exchange encryption keys"
  session->err_code = -37,

After this point, the hostkey returned by libssh2_session_hostkey()
is empty (not NULL, but the empty string). The relevant internal
fields look like this:

  session->server_hostkey = ""
  session->server_hostkey_len = 277
  session->server_hostkey_md5 =
"\274\233\026\"\362\f\220E\237\002p\267\262\360\253\a"
  session->server_hostkey_sha1 =
"\346\024\"5\202\350\020\210Q\252\262\240\340b\363\344\303\373\231l"

As far as the server was concerned, everything worked fine. The debug
output from sshd looks like this:

  Connection from 127.0.0.1 port 34505
  debug1: Client protocol version 2.0; client software version
libssh2_1.2.7-20100617
  debug1: no match: libssh2_1.2.7-20100617
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_5.3
  debug1: permanently_set_uid: 74/74
  debug1: list_hostkey_types: ssh-rsa,ssh-dss
  debug1: SSH2_MSG_KEXINIT sent
  debug1: SSH2_MSG_KEXINIT received
  debug1: kex: client->server aes128-ctr hmac-sha1 none
  debug1: kex: server->client aes128-ctr hmac-sha1 none
  debug1: expecting SSH2_MSG_KEXDH_INIT
  debug1: SSH2_MSG_NEWKEYS sent
  debug1: expecting SSH2_MSG_NEWKEYS
  debug1: SSH2_MSG_NEWKEYS received
  debug1: KEX done

If I try the same connection with either vanilla OpenSSH or with
Paramiko, it works just fine.

I'm using yesterday's snapshot (20100617). I encountered the same
problem with 1.2.4.

You can see the actual code here (which started life as
examples/direct_tcpip.c from libssh2):

  http://gist.github.com/443651

Thanks for your help,

-- Lars
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-06-18