Hello,
I have an embedded linux project using buildroot which I've included libssh2 in. The current configuration also is using dropbear.
I am attempting to use curl with scp to retrieve a file stream but am getting an error.
I've verified the curl format with an Ubuntu<->Ubuntu transfer and it succeeds. When I try with curl on my embedded system, I get:
# curl scp://192.168.1.123/var/ftp/pub/1bytefile -o /tmp/1bytefile -u eric:password
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (2) Failure establishing ssh session: -43,
I turned sshd debug up to level 3 and see: the error
Corrupted MAC on input. [preauth] (full error log at end of this post)
I confirmed I can use scp directly successfully (but this uses dropbear which does not appear to use libssh2 - at least not according to the sshd log: May 18 15:42:08 eric-Precision-7520 sshd[444608]: debug1: no match: dropbear_2018.76)
I replaced dropbear with Openssh and created keys with same which also generated the ~/.ssh directory structure. I did an scp again so known_hosts is populated and attempted curl again with the same error.
Can you tell me how I can correct libssh2's behavior with curl?
Thanks in advance.
-Eric
May 18 14:03:13 eric-Precision-7520 sshd[360940]: debug1: Bind to port 22 on 0.0.0.0.
May 18 14:03:13 eric-Precision-7520 sshd[360940]: Server listening on 0.0.0.0 port 22.
May 18 14:03:13 eric-Precision-7520 sshd[360940]: debug2: fd 4 setting O_NONBLOCK
May 18 14:03:13 eric-Precision-7520 sshd[360940]: debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY
May 18 14:03:13 eric-Precision-7520 sshd[360940]: debug1: Bind to port 22 on ::.
May 18 14:03:13 eric-Precision-7520 sshd[360940]: Server listening on :: port 22.
May 18 14:03:13 eric-Precision-7520 sudo[360936]: pam_unix(sudo:session): session closed for user root
May 18 14:03:17 eric-Precision-7520 sudo[361071]: eric : TTY=pts/10 ; PWD=/home/eric/projects/alcon/build.laird/buildroot/output/ngpvsd/images ; USER=root ; COMMAND=/usr/bin/systemctl status sshd.service
May 18 14:03:17 eric-Precision-7520 sudo[361071]: pam_unix(sudo:session): session opened for user root by (uid=0)
May 18 14:03:17 eric-Precision-7520 sudo[361071]: pam_unix(sudo:session): session closed for user root
May 18 14:03:37 eric-Precision-7520 sshd[360940]: debug3: fd 5 is not O_NONBLOCK
May 18 14:03:37 eric-Precision-7520 systemd-journald[409]: Forwarding to syslog missed 24 messages.
May 18 14:03:37 eric-Precision-7520 sshd[360940]: debug1: Forked child 361421.
May 18 14:03:37 eric-Precision-7520 sshd[360940]: debug3: send_rexec_state: entering fd = 8 config len 330
May 18 14:03:37 eric-Precision-7520 sshd[360940]: debug3: ssh_msg_send: type 0
May 18 14:03:37 eric-Precision-7520 sshd[360940]: debug3: send_rexec_state: done
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: oom_adjust_restore
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: Set /proc/self/oom_score_adj to 0
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: inetd sockets after dupping: 4, 4
May 18 14:03:37 eric-Precision-7520 sshd[361421]: Connection from 192.168.1.224 port 41650 on 192.168.1.123 port 22 rdomain ""
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: Remote protocol version 2.0, remote software version libssh2_1.9.0
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: no match: libssh2_1.9.0
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: fd 4 setting O_NONBLOCK
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: ssh_sandbox_init: preparing seccomp filter sandbox
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: Network child is on pid 361422
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: preauth child monitor started
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: privsep user:group 126:65534 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: permanently_set_uid: 126/65534 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: send packet: type 20 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: SSH2_MSG_KEXINIT sent [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: receive packet: type 20 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: SSH2_MSG_KEXINIT received [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: local server KEXINIT proposal [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: compression ctos: none,zlib@openssh.com [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: compression stoc: none,zlib@openssh.com [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: languages ctos: [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: languages stoc: [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: first_kex_follows 0 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: reserved 0 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: peer client KEXINIT proposal [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: host key algorithms: ecdsa-sha2-nistp256 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com [preauth] May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: compression ctos: none [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: compression stoc: none [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: languages ctos: [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: languages stoc: [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: first_kex_follows 0 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: reserved 0 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: kex: algorithm: ecdh-sha2-nistp256 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: kex: host key algorithm: ecdsa-sha2-nistp256 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: receive packet: type 30 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_sshkey_sign entering [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_request_send entering: type 6 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_request_receive_expect entering: type 7 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_request_receive entering [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_request_receive entering
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: monitor_read: checking request 6
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_answer_sign
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_answer_sign: KEX signature 0x55c182a944e0(101)
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_request_send entering: type 7
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: monitor_read: 6 used once, disabling now
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: send packet: type 31 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: send packet: type 21 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: set_newkeys: mode 1 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: rekey out after 4294967296 blocks [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: receive packet: type 21 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: SSH2_MSG_NEWKEYS received [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug2: set_newkeys: mode 0 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: rekey in after 4294967296 blocks [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: KEX done [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: Corrupted MAC on input. [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: send packet: type 1 [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: ssh_dispatch_run_fatal: Connection from 192.168.1.224 port 41650: message authentication code incorrect [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: do_cleanup [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: PAM: sshpam_thread_cleanup entering [preauth]
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: monitor_read_log: child log fd closed
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: mm_request_receive entering
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: do_cleanup
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug3: PAM: sshpam_thread_cleanup entering
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: Killing privsep child 361422
May 18 14:03:37 eric-Precision-7520 sshd[361421]: debug1: audit_event: unhandled event 12
May 18 14:03:37 eric-Precision-7520 sshd[360940]: debug1: main_sigchld_handler: Child exited