Date: Mon, 1 Jul 2013 12:55:17 -0700
Subject: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se

Hi

The value returned by libssh2_host_key is returned as size_t. How can I
convert it to bits? I seem to be getting 23 additional bytes and therefore
have used (size returned - 23) * 8.

Also when computing the hash I have used md5 for RSA and sha1 for DSS. Is
this the correct way?

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Date: Mon, 1 Jul 2013 22:11:35 +0100
Subject: Re: SSH2 host key length and hash compute
From: Alexander Lamaison
To: libssh2 development

On 1 July 2013 20:55, Kalpesh Parekh wrote:
> Hi
>
> The value returned by libssh2_host_key is returned as size_t. How can I
> convert it to bits? I seem to be getting 23 additional bytes and therefore
> have used (size returned - 23) * 8.

There is no libssh2_host_key? Do you mean libssh2_hostkey_hash or
libssh2_session_hostkey?

> Also when computing the hash I have used md5 for RSA and sha1 for DSS. Is
> this the correct way?

You mention hashes so I'm going to assume you meant
libssh2_hostkey_hash. I don't know why you think it returns a value
as size_t. The return is a const char* string and the size is either
16 bytes or 20 bytes depending on whether you requested MD5 or SHA1.

Alex

Date: Mon, 1 Jul 2013 23:34:07 -0700
Subject: Re: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se

Hi Alex

The APIs I am using are libssh2_session_hostkey to retrieve the host key
and libssh2_hostkey_hash to compute the hash from the key.

The first API returns the length of the host key in a variable passed to it
as a function argument. The variable is of size_t type and indicates the
size of host key. I need to convert this value to bits. Can you let me know
how can I do this?

This variable is passed to the second api and the hash is returned. Here
based on the type of host key, if it is RSA I request for the md5 hash and
sha1 hash for DSS key. Let me know if my assumption is correct here

Kalpesh

Date: Mon, 1 Jul 2013 23:36:57 -0700
Subject: Re: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se

Correction: the value returned by the first API is used as input to the second API.

Date: Tue, 2 Jul 2013 09:57:53 +0100
Subject: Re: SSH2 host key length and hash compute
From: Alexander Lamaison
To: libssh2 development

On 2 July 2013 07:34, Kalpesh Parekh wrote:
> Hi Alex
>
> The APIs I am using are libssh2_session_hostkey to retrieve the host key and
> libssh2_hostkey_hash to compute the hash from the key.
>
> The first API returns the length of the host key in a variable passed to it
> as a function argument. The variable is of size_t type and indicates the
> size of host key. I need to convert this value to bits. Can you let me know
> how can I do this?

Why do you need to convert it to bits? What does that actually mean?
The size_t length is just a number.

> This variable is passed to the second api and the hash is returned.

Have you read the documentation?

http://www.libssh2.org/libssh2_hostkey_hash.html
http://www.libssh2.org/libssh2_session_hostkey.html

The two functions are unrelated. You do not pass the output from one
as the input to the other.

> Here
> based on the type of host key, if it is RSA I request for the md5 hash and
> sha1 hash for DSS key. Let me know if my assumption is correct here

You can request MD5 or SHA1, as you wish, independent of the key type.

Alex

--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)

Date: Tue, 2 Jul 2013 07:03:59 -0700
Subject: Re: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se

> From: Alexander Lamaison
> Date: Tue, 2 Jul 2013 09:57:53 +0100
>
> On 2 July 2013 07:34, Kalpesh Parekh wrote:
>> Hi Alex
>>
>> The APIs I am using are libssh2_session_hostkey to retrieve the host key
>> and libssh2_hostkey_hash to compute the hash from the key.
>>
>> The first API returns the length of the host key in a variable passed to
>> it as a function argument. The variable is of size_t type and indicates
>> the size of host key. I need to convert this value to bits. Can you let me
>> know how can I do this?
>
> Why do you need to convert it to bits? What does that actually mean?
> The size_t length is just a number.

The requirement is to show the strength of the host key in bits. I assumed
the length of the host key should be indicating this value and tried to
convert it to bits from size_t. How does ssh-keygen -l calculate the
strength in bits?

>> This variable is passed to the second api and the hash is returned.
>
> Have you read the documentation?
> http://www.libssh2.org/libssh2_hostkey_hash.html
> http://www.libssh2.org/libssh2_session_hostkey.html
> The two functions are unrelated. You do not pass the output from one
> as the input to the other.

Thanks for the correction. I gave you incorrect information here. But my
code is implemented as per the API documentation.

>> Here
>> based on the type of host key, if it is RSA I request for the md5 hash
>> and sha1 hash for DSS key. Let me know if my assumption is correct here
>
> You can request MD5 or SHA1, as you wish, independent of the key type.

Thanks. This information is helpful.

> Alex

Date: Wed, 3 Jul 2013 01:16:14 +0100
Subject: Re: SSH2 host key length and hash compute
From: Alexander Lamaison
To: libssh2 development

On 3 July 2013 01:13, Alexander Lamaison wrote:
> On 2 July 2013 15:03, Kalpesh Parekh wrote:
>>> From: Alexander Lamaison
>>> Date: Tue, 2 Jul 2013 09:57:53 +0100
>>>
>>> On 2 July 2013 07:34, Kalpesh Parekh wrote:
>>>> Hi Alex
>>>>
>>>> The APIs I am using are libssh2_session_hostkey to retrieve the host key
>>>> and libssh2_hostkey_hash to compute the hash from the key.
>>>>
>>>> The first API returns the length of the host key in a variable passed to
>>>> it as a function argument. The variable is of size_t type and indicates
>>>> the size of host key. I need to convert this value to bits. Can you let me
>>>> know how can I do this?
>>>
>>> Why do you need to convert it to bits? What does that actually mean?
>>> The size_t length is just a number.
>>
>> The requirement is to show the strength of the host key in bits. I assumed
>> the length of the host key should be indicating this value and tried to
>> convert it to bits from size_t.
>
> The length of the host key returned by session_hostkey is the exact
> size of the buffer holding the "server public host key and
> certificates (K_S)" in bytes (see RFC 4253 [1]). I'm not sure of the
> exact relationship between that and the key strength, but another part
> of RFC 4253 [2] indicated that that buffer may include a "format
> identifier" (presumably ssh-rsa or ssh-dsa) before the key data.
> Therefore, I wouldn't trust that the key strength is the returned
> length * 8.
>
>> How does ssh-keygen -l calculate the strength
>> in bits?
>
> It extracts the actual key data and counts the significant bits of one
> of the key fields. For DSA the prime, for RSA the modulus.
>
> [1] http://tools.ietf.org/html/rfc4253#section-8
> [2] http://tools.ietf.org/html/rfc4253#section-6.6

Could one of the crypto bods take a look at this? I've just done some
educated guesswork from reading the source and various RFCs, so plenty
of scope for error.

Alex

--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)

Date: Wed, 3 Jul 2013 01:13:51 +0100
Subject: Re: SSH2 host key length and hash compute
From: Alexander Lamaison
To: libssh2 development

On 2 July 2013 15:03, Kalpesh Parekh wrote:
>> From: Alexander Lamaison
>> Date: Tue, 2 Jul 2013 09:57:53 +0100
>>
>> On 2 July 2013 07:34, Kalpesh Parekh wrote:
>>> Hi Alex
>>>
>>> The APIs I am using are libssh2_session_hostkey to retrieve the host key
>>> and libssh2_hostkey_hash to compute the hash from the key.
>>>
>>> The first API returns the length of the host key in a variable passed to
>>> it as a function argument. The variable is of size_t type and indicates
>>> the size of host key. I need to convert this value to bits. Can you let me
>>> know how can I do this?
>>
>> Why do you need to convert it to bits? What does that actually mean?
>> The size_t length is just a number.
>
> The requirement is to show the strength of the host key in bits. I assumed
> the length of the host key should be indicating this value and tried to
> convert it to bits from size_t.

The length of the host key returned by session_hostkey is the exact
size of the buffer holding the "server public host key and
certificates (K_S)" in bytes (see RFC 4253 [1]). I'm not sure of the
exact relationship between that and the key strength, but another part
of RFC 4253 [2] indicated that that buffer may include a "format
identifier" (presumably ssh-rsa or ssh-dsa) before the key data.
Therefore, I wouldn't trust that the key strength is the returned
length * 8.

> How does ssh-keygen -l calculate the strength
> in bits?

It extracts the actual key data and counts the significant bits of one
of the key fields. For DSA the prime, for RSA the modulus.

[1] http://tools.ietf.org/html/rfc4253#section-8
[2] http://tools.ietf.org/html/rfc4253#section-6.6

Alex

--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)

Date: Thu, 4 Jul 2013 03:07:09 -0700
Subject: Re: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se

Thanks Alex,

So far it has been helpful.

So based on the RFC, I understand that the host key received from the
server has the following components:

K_S || f || s

I need to parse the K_S part for RSA key. How do I do that?

Also, how can I implement a generic logic for getting the bit strength from
the host key?

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
From libssh2-devel-bounces@cool.haxx.se Thu Jul 4 13:18:39 2013
Date: Thu, 4 Jul 2013 12:18:10 +0100
Message-ID:
Subject: Re: SSH2 host key length and hash compute
From: Alexander Lamaison
To: libssh2 development
On 4 July 2013 11:07, Kalpesh Parekh wrote:
>
> So based on the RFC, I understand that the host key received from the server
> has following components
> K_S || f || s

But the contents of the buffer returned by session_hostkey are just K_S.

> I need to parse the K_S part for RSA key. How do I do that.

The RFC says (6.6):

   Certificates and public keys are encoded as follows:

      string    certificate or public key format identifier
      byte[n]   key/certificate data

   The certificate part may be a zero length string, but a public key is
   required. This is the public key that will be used for
   authentication. The certificate sequence contained in the
   certificate blob can be used to provide authorization.

So the first part of K_S is a length-prefixed string (all strings in
SSH are length-prefixed). So read the first 4 bytes of K_S to get the
length, then skip forward that many bytes (may be 0) to ignore the
format identifier. The next n bytes are the key data, where n is
host-key-length - 4 - format-id-length.

> Also, how can I implement a generic logic for getting the bit strength from
> the host key.

I guess the way OpenSSH does it: depending on key type, convert to an
RSA or DSA struct and count the significant bits in the modulus or
prime. Maybe we need another API function in the library.

This advice depends on me having interpreted the RFC correctly, which I
may not have. Try it out and poke the bits with a debugger to see if
it makes sense.

Alex
--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
From libssh2-devel-bounces@cool.haxx.se Sat Jul 6 15:16:53 2013
Date: Sat, 6 Jul 2013 16:16:11 +0300
Message-ID:
Subject: Using the putty private key for authentication
From: Velichko Yuriy
To: libssh2-devel@cool.haxx.se
Hello!
I have problems with authentication with a PuTTY private key using the function:
libssh2_userauth_publickey_fromfile()
The connection is not established, with the error:
Unable to establish SSH tunnel. Authentification by public key failed.
If I convert the key to the OpenSSH format and use the new file, the
authentication is performed correctly.
Can anyone suggest how I can use the PuTTY key to establish SSH connections?
Maybe C/C++ libs that convert the PuTTY key...
Thanks!
--
Best Regards!
From libssh2-devel-bounces@cool.haxx.se Sat Jul 6 15:22:14 2013
Message-ID: <20130706132208.21155.qmail@stuge.se>
Date: Sat, 6 Jul 2013 15:22:08 +0200
From: Peter Stuge
To: libssh2-devel@cool.haxx.se
Subject: Re: Using the putty private key for authentication
Velichko Yuriy wrote:
> I have problems with authentication with putty private key using
> function: libssh2_userauth_publickey_fromfile()
The file format used by PuTTY currently isn't supported by libssh2.
> Can anyone suggest how can I use the putty key to establish ssh
> connections.
libssh2 does support using keys loaded into a running Pageant.
//Peter
From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 04:47:11 2013
Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST)
From: balloon
To: libssh2-devel@cool.haxx.se, curl-library@cool.haxx.se
Subject: Re:Re:Re: Segmentation fault libssh2_session_last_errno
(session=0x0) at session.c:1219 (Daniel Stenberg)
Message-ID: <2f94c453.a1db.13fbc2c5b40.Coremail.e_balloon@163.com>
>This shows that the problem is in libcurl when sends a NULL to libssh2 so that
>it crashes.
>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups
>there. I'd like you to rebuild libcurl with debug symbols left so that the
>stack trace becomes usable.
>It shouldn't matter that it is Java, but it can very well be a problem that
>occurs only with that specific server implementation.
I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode, and succeeded in reproducing the segmentation fault, though this time the seg info seems different.
Here is my src code:
#include <cstdio>
#include <iostream>
#include <string>
#include <curl/curl.h>

// libcurl write callback: append the received bytes to the FILE* set via CURLOPT_WRITEDATA
size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream)
{
    size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream);
    return len;
}

int main(int argc, char **argv)
{
    if (argc < 2)
    {
        std::cout << "Nonono~~~input sftpserver ip pls." << std::endl;
        return 1;
    }
    // Build the URL in a std::string, so a long argument cannot overflow a fixed buffer
    std::string sftp_url = "sftp://";
    sftp_url += argv[1];
    sftp_url += "/a.txt";
    // The easy handle must exist before any curl_easy_setopt() call
    CURL *curl = curl_easy_init();
    if (!curl)
    {
        std::cout << "Fail to initialize curl." << std::endl;
        return 1;
    }
    curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str());
    curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD);
    curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test");
    FILE *fd = fopen("tmp.txt", "w");
    if (!fd)
    {
        std::cout << "Fail to open tmp.txt." << std::endl;
        curl_easy_cleanup(curl);
        return 1;
    }
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd);
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
    // specify downloading file size
    curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1);
    CURLcode res = curl_easy_perform(curl);
    curl_easy_cleanup(curl);
    fclose(fd);
    if (CURLE_OK == res)
    {
        std::cout << "succeed." << std::endl;
        return 0;
    }
    std::cout << "fail." << std::endl;
    return 1;
}
Here is the result, pls let me know what I can do next. Thanks.
Starting program: /root/a.out 9.111.23.100
warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000
[Thread debugging using libthread_db enabled]
sftp url: sftp://9.111.23.100/a.txt
* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000)
* About to connect() to 9.111.23.100 port 22 (#0)
* Trying 9.111.23.100...
* Adding handle: conn: 0x877cf8
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* 0x865828 is at send pipe head!
* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0
* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0)
* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0)
* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT
* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP
* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0)
Program received signal SIGSEGV, Segmentation fault.
0x0000000000000000 in ?? ()
(gdb) bt
#0 0x0000000000000000 in ?? ()
#1 0x00000000005c4a20 in DES_SPtrans ()
#2 0x00000032759549e0 in ?? () from /lib64/libc.so.6
#3 0x0000000000000014 in ?? ()
#4 0x0000000000885778 in ?? ()
#5 0x0000000000887437 in ?? ()
#6 0x0000000000886780 in ?? ()
#7 0x00000000008869c0 in ?? ()
#8 0x0000000000886980 in ?? ()
#9 0xc3e557dbb4ac6000 in ?? ()
#10 0x22f09ddde873b1bc in ?? ()
#11 0x000000005c053c02 in ?? ()
#12 0x000000000088649c in ?? ()
#13 0x00007fffffffce30 in ?? ()
#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8
)
at hostkey.c:329
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)
From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 15:38:00 2013
Date: Mon, 08 Jul 2013 06:37:32 -0700
From: chris@jcfxtrading.com
To: libssh2-devel@cool.haxx.se
Subject: openssh
Message-ID: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com>
libssh2 has a dependency on openssh
Where can I get hold of the openssh source files?
Thanks
From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 15:50:14 2013
Date: Mon, 8 Jul 2013 14:50:01 +0100
Message-ID:
Subject: Re: openssh
From: Alexander Lamaison
To: libssh2 development
On 8 Jul 2013 14:39, wrote:
>
> libssh2 has a dependency on openssh
>
> Where can I get hold of the openssh source files?
http://bit.ly/12yacys
From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 17:48:46 2013
Date: Mon, 8 Jul 2013 08:48:24 -0700
Message-ID:
Subject: Re: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se
First, apologies for not replying inline to the emails.
After your suggestions Alex, here is what I could determine.
I printed out the hex code for the session key for both RSA and DSA types
in my setup.
Here are the first few bytes:
(RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81
(DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81
As you mentioned, the first four bytes indicate the length of the
identifier (7 in this case)
73 73 68 2D 72 73 61=ssh-rsa
73 73 68 2D 64 73 73=ssh-dsa
The next four bytes for RSA indicate some sort of value. In my case it is
#. For DSA, it indicates (length of the key + 1) verified through
ssh-keygen -l command.
For RSA, the last four bytes printed above indicate (length of the key + 1).
My next target is to decode the signature blobs. I feel like I am close and
can close this if anyone can help.
On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh wrote:
> Thanks Alex,
>
> So far it has been helpful.
>
> So based on the RFC, I understand that the host key received from the
> server has following components
> K_S || f || s
>
> I need to parse the K_S part for RSA key. How do I do that.
>
> Also, how can I implement a generic logic for getting the bit strength
> from the host key.
>
>
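Added example (not part of the original thread and not libssh2 code): a bounds-checked C parser for the K_S layout discussed in Alexander Lamaison's reply and in the hex dump above, returning the bit strength as the number of significant bits in the RSA modulus n or the DSA prime p. All function names are hypothetical, and the sample blobs are constructed: they begin with the bytes posted in the thread and continue with filler, not a real key.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Cursor over an untrusted buffer; every read is bounds-checked. */
struct cursor { const unsigned char *p; size_t left; };

/* Read one length-prefixed field: uint32 big-endian length, then that many bytes. */
static int get_field(struct cursor *c, const unsigned char **s, size_t *n)
{
    uint32_t len;
    if (c->left < 4) return -1;
    len = ((uint32_t)c->p[0] << 24) | ((uint32_t)c->p[1] << 16) |
          ((uint32_t)c->p[2] << 8) | (uint32_t)c->p[3];
    if (len > c->left - 4) return -1;       /* length points past the buffer */
    *s = c->p + 4;
    *n = len;
    c->p += 4 + (size_t)len;
    c->left -= 4 + (size_t)len;
    return 0;
}

/* Significant bits of an mpint (big-endian two's complement, RFC 4251). */
static int mpint_bits(const unsigned char *m, size_t n)
{
    int bits;
    unsigned char top;
    if (n > 0 && (m[0] & 0x80)) return -1;  /* negative: not a valid key part */
    while (n > 0 && m[0] == 0) { m++; n--; }  /* drop sign-padding zero bytes */
    if (n == 0 || n > 2048) return -1;      /* zero, or more than 16384 bits */
    bits = (int)(n * 8);
    for (top = m[0]; !(top & 0x80); top = (unsigned char)(top << 1)) bits--;
    return bits;
}

/* Bit strength of a host key blob K_S, or -1 if malformed or unsupported. */
int hostkey_bits(const unsigned char *blob, size_t len)
{
    struct cursor c = { blob, len };
    const unsigned char *type, *skip, *key;
    size_t tlen, slen, klen;
    int rsa, extra;

    if (get_field(&c, &type, &tlen) || tlen != 7) return -1;
    rsa = memcmp(type, "ssh-rsa", 7) == 0;
    if (!rsa && memcmp(type, "ssh-dss", 7) != 0) return -1;
    /* ssh-rsa: mpint e, n (measure n).  ssh-dss: mpint p, q, g, y (measure p). */
    if (rsa && get_field(&c, &skip, &slen)) return -1;      /* e */
    if (get_field(&c, &key, &klen)) return -1;              /* n or p */
    for (extra = rsa ? 0 : 3; extra > 0; extra--)           /* q, g, y */
        if (get_field(&c, &skip, &slen)) return -1;
    if (c.left != 0) return -1;                             /* trailing bytes */
    return mpint_bits(key, klen);
}

/* Append a constructed mpint: n magnitude bytes, first byte `top`, rest 0x5A. */
static size_t put_mpint(unsigned char *o, size_t n, unsigned char top)
{
    size_t pad = (top & 0x80) ? 1 : 0, total = n + pad, i = 0;
    int shift;
    for (shift = 24; shift >= 0; shift -= 8)
        o[i++] = (unsigned char)(total >> shift);
    if (pad) o[i++] = 0x00;                 /* keeps the value positive */
    o[i++] = top;
    memset(o + i, 0x5A, n - 1);
    return i + n - 1;
}

/* Constructed sample blob: leading bytes as posted in the thread, filler key data. */
size_t sample(int dss, unsigned char *o)
{
    size_t i = 11;
    memcpy(o, dss ? "\0\0\0\7ssh-dss" : "\0\0\0\7ssh-rsa", i);
    if (!dss) {
        memcpy(o + i, "\0\0\0\1\x23", 5);   /* e = 0x23 = 35 */
        return i + 5 + put_mpint(o + i + 5, 128, 0xC3);  /* n: 00 00 00 81 00 C3 .. */
    }
    i += put_mpint(o + i, 128, 0x9D);       /* p: 00 00 00 81 00 9D .. (1024 bits) */
    i += put_mpint(o + i, 20, 0x8F);        /* q: 160 bits */
    i += put_mpint(o + i, 128, 0x41);       /* g */
    i += put_mpint(o + i, 128, 0x17);       /* y */
    return i;
}

/* Build a sample, drop `cut` trailing bytes to simulate truncation, parse it. */
int parse_sample(int dss, size_t cut)
{
    unsigned char buf[512];
    return hostkey_bits(buf, sample(dss, buf) - cut);
}

int main(void)
{
    printf("rsa=%d dss=%d truncated=%d\n",
           parse_sample(0, 0), parse_sample(1, 0), parse_sample(0, 1));
    return 0;
}
```

The length field 00 00 00 81 is 129 for a 1024-bit value because an mpint whose top bit is set carries one leading zero byte; the parser drops that byte before counting bits.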
From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 17:49:17 2013
Date: Mon, 8 Jul 2013 08:49:11 -0700
Message-ID:
Subject: Re: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se
See this link
http://tools.ietf.org/html/rfc4253#page-15
Per the link, DSA signature is encoded as follows:
   string    "ssh-dss"
   string    dss_signature_blob
RSA signature is encoded as follows:
   string    "ssh-rsa"
   string    rsa_signature_blob
On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh Parekh wrote:
> First, apologies for not replying inline to the emails.
>
> After your suggestions Alex, here is what I could determine.
>
> I printed out the hex code for the session key for both RSA and DSA types
> in my setup.
>
> Here are the first few bytes:
> (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81
>
> (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81
>
> As you mentioned, the first four bytes indicate, the length of the
> identifier (7 in this case)
> 73 73 68 2D 72 73 61=ssh-rsa
> 73 73 68 2D 64 73 73=ssh-dsa
>
> The next four bytes for RSA indicates some sort of value. In my case it is
> #. For DSA, it indicates (length of the key + 1) verified through
> ssh-keygen -l command.
> For RSA, the last four bytes printed above indicate (length of the key +
> 1).
>
>
>
>
> My next target is to decode the signature blobs. I feel like I am close
> and can close this if any one can help.
>
>
>
>
>
>
>
>
> On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh wrote:
>
>> Thanks Alex,
>>
>> So far it has been helpful.
>>
>> So based on the RFC, I understand that the host key received from the
>> server has following components
>> K_S || f || s
>>
>> I need to parse the K_S part for RSA key. How do I do that.
>>
>> Also, how can I implement a generic logic for getting the bit strength
>> from the host key.
>>
>>
>
>
From libssh2-devel-bounces@cool.haxx.se Mon Jul 8 20:28:15 2013
Date: Mon, 8 Jul 2013 20:27:51 +0200
From: Dan Fandrich
To: libssh2-devel@cool.haxx.se
Subject: Re: openssh
Message-ID: <20130708182751.GC26793@coneharvesters.com>
References: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com>
In-Reply-To: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com>
On Mon, Jul 08, 2013 at 06:37:32AM -0700, chris@jcfxtrading.com wrote:
> libssh2 has a dependency on openssh
>
> Where can I get hold of the openssh source files?
Are you sure you don't mean OpenSSL? libssh2 had nothing to do with OpenSSH
last time I checked.
>>> Dan
From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 01:00:18 2013
Date: Mon, 8 Jul 2013 23:59:46 +0100
Subject: Re: SSH2 host key length and hash compute
From: Alexander Lamaison
To: libssh2 development
On 8 July 2013 16:48, Kalpesh Parekh wrote:
> First, apologies for not replying inline to the emails.
>
> After your suggestions Alex, here is what I could determine.
>
> I printed out the hex code for the session key for both RSA and DSA types in
> my setup.
>
> Here are the first few bytes:
> (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81
>
> (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81
>
> As you mentioned, the first four bytes indicate, the length of the
> identifier (7 in this case)
> 73 73 68 2D 72 73 61=ssh-rsa
> 73 73 68 2D 64 73 73=ssh-dsa
>
> The next four bytes for RSA indicates some sort of value. In my case it is
> #.
That value is the RSA public exponent field 'e' (see [1]) in SSH
'mpint' form (see [2]). The cheeky thing about the way RFC 4251
defines mpint is that it says it is a two's complement integer *stored
as a string*. In other words it has a length-prefix, so your exponent
is a 1 byte two's-complement integer 35 (hex 23).
> For DSA, it indicates (length of the key + 1) verified through ssh-keygen
> -l command.
> For RSA, the last four bytes printed above indicate (length of the key + 1).
For DSA the next field is the public prime number 'p', again,
length-prefixed. This is the field of the DSA key that indicates its
strength (at least that's how ssh-keygen -l calculates it). I'm
guessing the length is one byte more than expected because of the
following from the mpint definition:
"If the most significant bit would be set for a positive number, the
number MUST be preceded by a zero byte."
So the strength of the key is actually the number of significant bits
in the 'p' field, rather than the length in the string prefix, which
is reassuringly similar to how ssh-keygen calculates it by passing the
field to BN_num_bits.
Similarly for the RSA key, except that the next field is the public modulus 'n'.
> http://tools.ietf.org/html/rfc4253#page-15
>
> Per the link, DSA signature is encoded as follows:
> string "ssh-dss"
> string dss_signature_blob
>
> RSA signature is encoded as follows:
> string "ssh-rsa"
> string rsa_signature_blob
These are *signatures* rather than keys. I don't know exactly where
they fit in, but they don't seem to apply here.
Usual caveat: I've just worked this lot out from reading the RFCs etc,
so you should really check it with someone better versed in crypto.
[1] http://tools.ietf.org/html/rfc4253#page-15
[2] http://tools.ietf.org/html/rfc4251#page-9
Alex
--
Swish - Easy SFTP for Windows Explorer (http://www.swish-sftp.org)
From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 09:23:04 2013
Date: Tue, 9 Jul 2013 15:22:23 +0800 (CST)
From: balloon
To: balloon
Subject: Re:Re:libssh2-devel Digest, Vol 50, Issue 5
In-Reply-To: <4da23617.3441.13fc11b83c4.Coremail.e_balloon@163.com>
References:
<4da23617.3441.13fc11b83c4.Coremail.e_balloon@163.com>
MIME-Version: 1.0
Message-ID: <4bb399db.b8d6.13fc24f4949.Coremail.e_balloon@163.com>
Cc: libcurl development ,
libssh2-devel@cool.haxx.se
Content-Type: multipart/mixed; boundary="===============1649597800=="
--===============1649597800==
Content-Type: multipart/alternative;
boundary="----=_Part_174616_96161550.1373354543433"
------=_Part_174616_96161550.1373354543433
Content-Type: text/plain; charset=GBK
Content-Transfer-Encoding: 7bit
At 2013-07-09 09:46:13,balloon wrote:
At 2013-07-08 18:00:03,libssh2-devel-request@cool.haxx.se wrote:
>Message: 1
>Date: Mon, 8 Jul 2013 10:46:30 +0800 (CST)
>From: balloon
>To: libssh2-devel@cool.haxx.se, curl-library@cool.haxx.se
>Subject: Re:Re:Re: Segmentation fault libssh2_session_last_errno
> (session=0x0) at session.c:1219 (Daniel Stenberg)
>Message-ID: <2f94c453.a1db.13fbc2c5b40.Coremail.e_balloon@163.com>
>Content-Type: text/plain; charset="gbk"
>
>>This shows that the problem is in libcurl when it sends a NULL to libssh2 so that
>>it crashes.
>
>>I'm cc'ing this reply to the libcurl mailing list. Please take follow-ups
>>there. I'd like you to rebuild libcurl with debug symbols left so that the
>>stack trace becomes usable.
>
>>It shouldn't matter that it is Java, but it can very well be a problem that
>>occurs only with that specific server implementation.
>I have tried hard to rebuild libcurl & libssh2 & openssl in debug mode, and succeeded in reproducing the segmentation fault, though this time the seg info seems different.
>Here is my src code:
>
>#include <cstdio>
>#include <iostream>
>#include <string>
>#include <curl/curl.h>
>
>// Write callback: stream received bytes into the FILE* set via CURLOPT_WRITEDATA.
>size_t write_callback(void *f_fp_ptr, size_t f_size, size_t f_nmemb, void *fp_stream)
>{
>    size_t len = fwrite(f_fp_ptr, f_size, f_nmemb, (FILE *)fp_stream);
>    return len;
>}
>
>int main(int argc, char **argv)
>{
>    if (argc < 2)
>    {
>        std::cout << "Nonono~~~input sftpserver ip pls." << std::endl;
>        return 1;
>    }
>    // Build the URL in a std::string instead of copying argv[1] into a fixed-size buffer.
>    std::string sftp_url = "sftp://";
>    sftp_url += argv[1];
>    sftp_url += "/a.txt";
>
>    // The easy handle must exist before any curl_easy_setopt() call.
>    CURL *curl = curl_easy_init();
>    if (!curl)
>    {
>        std::cout << "Fail to initialize curl." << std::endl;
>        return 1;
>    }
>    curl_easy_setopt(curl, CURLOPT_URL, sftp_url.c_str());
>    curl_easy_setopt(curl, CURLOPT_SSH_AUTH_TYPES, CURLSSH_AUTH_PASSWORD);
>    curl_easy_setopt(curl, CURLOPT_USERPWD, "test:test");
>    FILE *fd = fopen("tmp.txt", "w");
>    if (!fd)
>    {
>        std::cout << "Fail to open tmp.txt." << std::endl;
>        curl_easy_cleanup(curl);
>        return 1;
>    }
>
>    curl_easy_setopt(curl, CURLOPT_WRITEDATA, fd);
>    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
>    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_callback);
>
>    // specify downloading file size
>    curl_easy_setopt(curl, CURLOPT_INFILESIZE_LARGE, (curl_off_t)1);
>    CURLcode res = curl_easy_perform(curl);
>
>    // Release the output file and the handle on both paths.
>    fclose(fd);
>    curl_easy_cleanup(curl);
>
>    if (CURLE_OK == res)
>    {
>        std::cout << "succeed." << std::endl;
>        return 0;
>    }
>    std::cout << "fail." << std::endl;
>    return 1;
>}
>
>Here is the result, pls let me know what can I do next. Thanks.
>Starting program: /root/a.out 9.111.23.100
>warning: no loadable sections found in added symbol-file system-supplied DSO at 0x2aaaaaaab000
>[Thread debugging using libthread_db enabled]
>sftp url: sftp://9.111.23.100/a.txt
>* STATE: INIT => CONNECT handle 0x86ecc8; line 1020 (connection #-5000)
>* About to connect() to 9.111.23.100 port 22 (#0)
>* Trying 9.111.23.100...
>* Adding handle: conn: 0x877cf8
>* Adding handle: send: 0
>* Adding handle: recv: 0
>* Curl_addHandleToPipeline: length: 1
>* 0x865828 is at send pipe head!
>* - Conn 0 (0x877cf8) send_pipe: 1, recv_pipe: 0
>* STATE: CONNECT => WAITCONNECT handle 0x86ecc8; line 1067 (connection #0)
>* Connected to 9.111.23.100 (9.111.23.100) port 22 (#0)
>* SFTP 0x8781e0 state change from SSH_STOP to SSH_INIT
>* SFTP 0x8781e0 state change from SSH_INIT to SSH_S_STARTUP
>* STATE: WAITCONNECT => PROTOCONNECT handle 0x86ecc8; line 1180 (connection #0)
>
>Program received signal SIGSEGV, Segmentation fault.
>0x0000000000000000 in ?? ()
>(gdb) bt
>#0 0x0000000000000000 in ?? ()
>#1 0x00000000005c4a20 in DES_SPtrans ()
>#2 0x00000032759549e0 in ?? () from /lib64/libc.so.6
>#3 0x0000000000000014 in ?? ()
>#4 0x0000000000885778 in ?? ()
>#5 0x0000000000887437 in ?? ()
>#6 0x0000000000886780 in ?? ()
>#7 0x00000000008869c0 in ?? ()
>#8 0x0000000000886980 in ?? ()
>#9 0xc3e557dbb4ac6000 in ?? ()
>#10 0x22f09ddde873b1bc in ?? ()
>#11 0x000000005c053c02 in ?? ()
>#12 0x000000000088649c in ?? ()
>#13 0x00007fffffffce30 in ?? ()
>#14 0x000000000057f169 in hostkey_method_ssh_dss_sig_verify (session=Cannot access memory at address 0xffffffffffffffe8
>)
> at hostkey.c:329
>Backtrace stopped: previous frame inner to this frame (corrupt stack?)
>(gdb)
>
I can also send u the SFTP server binary to reproduce and investigate this issue if needed, but I fail to send it in this mail list due to size limitation.
Maybe you can specify the space to me to upload the server binary. Thanks:)
------=_Part_174616_96161550.1373354543433--
--===============1649597800==--
From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 10:44:57 2013
From: Kamil Dudka
To: Dan Fandrich
Subject: Re: openssh
Date: Tue, 9 Jul 2013 10:42:45 +0200
References: <2d99c3f71b93b46f7858d4d7b93631ff@jcfxtrading.com>
<20130708182751.GC26793@coneharvesters.com>
In-Reply-To: <20130708182751.GC26793@coneharvesters.com>
Message-Id: <201307091042.45634.kdudka@redhat.com>
Cc: libssh2-devel@cool.haxx.se
On Monday 08 July 2013 20:27:51 Dan Fandrich wrote:
> On Mon, Jul 08, 2013 at 06:37:32AM -0700, chris@jcfxtrading.com wrote:
> > libssh2 has a dependency on openssh
> >
> > Where can I get hold of the openssh source files?
>
> Are you sure you don't mean OpenSSL? libssh2 had nothing to do with
> OpenSSH last time I checked.
It uses OpenSSH as a testing server for the smoke test which runs
on 'make check'.
Kamil
From libssh2-devel-bounces@cool.haxx.se Tue Jul 9 15:18:23 2013
Date: Tue, 9 Jul 2013 06:17:09 -0700
Subject: Re: SSH2 host key length and hash compute
From: Kalpesh Parekh
To: libssh2-devel@cool.haxx.se
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1527689613=="
--===============1527689613==
Content-Type: multipart/alternative; boundary=001a11c3428275fcac04e113fad3
--001a11c3428275fcac04e113fad3
Content-Type: text/plain; charset=ISO-8859-1
This is the logic I have used and tested against a limited set of servers:
1) RSA key -
i) Read the length of identifier
ii) Skip that many bytes
iii) Read the length of the exponent
iv) Skip that many bytes
v) Read the length of modulus.
vi) If the first byte of modulus is 0x00 subtract -1 from the length of
modulus. This is based on the RFC definition of mpint and some examples as
follows. Example 2 and 3 are noteworthy. The length is 08 and the MSB is 0.
So no padding with 0x00 was done. But for example 3, the padding was done
and the length was set to 2.
Examples:
value (hex)        representation (hex)
-----------        --------------------
0                  00 00 00 00
9a378f9b2e332a7    00 00 00 08 09 a3 78 f9 b2 e3 32 a7
80                 00 00 00 02 00 80
-1234              00 00 00 02 ed cc
-deadbeef          00 00 00 05 ff 21 52 41 11
2) DSA key -
i) Read the length of identifier
ii) Skip that many bytes
iii) Read the length of the modulus
iv) If the first byte of modulus is 0x00 subtract -1 from the length of
modulus.
The logic is based on RFC 4253-page #15 where the DSS key format and
RSS key formats have been defined. The interpretation of the fields
p,q,g,y, e and n can be found in RFC 3447, sec 3.1 and FIPS publication
186. The commonality is modulus represents (n for RSA and p for DSS) the
length of the host key in bytes.
Can someone from crypto group confirm if the interpretation is correct?
Alex, I hope I am correct in saying that p,q,g & y form the
dss_signature_blob and e,n form the rss_signature blob.
On Mon, Jul 8, 2013 at 8:49 AM, Kalpesh Parekh wrote:
> See this link
>
> http://tools.ietf.org/html/rfc4253#page-15
>
> Per the link, DSA signature is encoded as follows:
> string "ssh-dss"
> string dss_signature_blob
>
> RSA signature is encoded as follows:
> string "ssh-rsa"
> string rsa_signature_blob
>
>
> On Mon, Jul 8, 2013 at 8:48 AM, Kalpesh Parekh wrote:
>
>> First, apologies for not replying inline to the emails.
>>
>> After your suggestions Alex, here is what I could determine.
>>
>> I printed out the hex code for the session key for both RSA and DSA types
>> in my setup.
>>
>> Here are the first few bytes:
>> (RSA) 00 00 00 07 73 73 68 2D 72 73 61 00 00 00 01 23 00 00 00 81
>>
>> (DSA) 00 00 00 07 73 73 68 2D 64 73 73 00 00 00 81
>>
>> As you mentioned, the first four bytes indicate, the length of the
>> identifier (7 in this case)
>> 73 73 68 2D 72 73 61=ssh-rsa
>> 73 73 68 2D 64 73 73=ssh-dsa
>>
>> The next four bytes for RSA indicates some sort of value. In my case it
>> is #. For DSA, it indicates (length of the key + 1) verified through
>> ssh-keygen -l command.
>> For RSA, the last four bytes printed above indicate (length of the key +
>> 1).
>>
>>
>>
>>
>> My next target is to decode the signature blobs. I feel like I am close
>> and can close this if any one can help.
>>
>>
>>
>>
>>
>>
>>
>>
>> On Thu, Jul 4, 2013 at 3:07 AM, Kalpesh Parekh wrote:
>>
>>> Thanks Alex,
>>>
>>> So far it has been helpful.
>>>
>>> So based on the RFC, I understand that the host key received from the
>>> server has following components
>>> K_S || f || s
>>>
>>> I need to parse the K_S part for RSA key. How do I do that.
>>>
>>> Also, how can I implement a generic logic for getting the bit strength
>>> from the host key.
>>>
>>>
>>
>>
>
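The field walk listed in this message (identifier, then e and n for ssh-rsa, or p for ssh-dss), combined with the point from Alex's reply that key strength is the count of significant bits in the mpint, as an added example; it is not code from libssh2 or from any poster in this thread. The function names, the MAX_MPINT_BYTES cap and the modulus bytes are assumptions; the sample blobs reuse the prefix bytes quoted in the thread with a constructed modulus.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_MPINT_BYTES 2049   /* assumed sanity cap: 16384-bit value plus pad byte */

/* Cursor over an untrusted buffer; every read is bounds-checked. */
struct reader { const uint8_t *p; size_t left; };

/* Read an RFC 4251 "string": uint32 big-endian length, then that many bytes. */
static int read_string(struct reader *r, const uint8_t **out, size_t *len)
{
    uint32_t n;
    if (r->left < 4) return -1;
    n = ((uint32_t)r->p[0] << 24) | ((uint32_t)r->p[1] << 16) |
        ((uint32_t)r->p[2] << 8) | (uint32_t)r->p[3];
    r->p += 4; r->left -= 4;
    if (n > r->left) return -1;          /* length field points past the buffer */
    *out = r->p; *len = n;
    r->p += n; r->left -= n;
    return 0;
}

/* Significant bits of a non-negative mpint body (the bytes after the length
   prefix). Returns -1 for a negative value (sign bit set) or an absurd length. */
static long mpint_bits(const uint8_t *b, size_t len)
{
    long bits;
    uint8_t top;
    if (len > MAX_MPINT_BYTES) return -1;
    if (len && (b[0] & 0x80)) return -1;
    while (len && b[0] == 0) { b++; len--; }   /* drop the 0x00 pad byte */
    if (len == 0) return 0;
    bits = (long)(len - 1) * 8;
    for (top = b[0]; top; top >>= 1) bits++;   /* bits used in the top byte */
    return bits;
}

/* Key size in bits for an ssh-rsa or ssh-dss public key blob; -1 on error. */
long hostkey_bits(const uint8_t *blob, size_t blob_len)
{
    struct reader r = { blob, blob_len };
    const uint8_t *id, *mp;
    size_t id_len, mp_len;

    if (read_string(&r, &id, &id_len)) return -1;
    if (id_len == 7 && memcmp(id, "ssh-rsa", 7) == 0) {
        if (read_string(&r, &mp, &mp_len)) return -1;   /* e: skipped */
        if (read_string(&r, &mp, &mp_len)) return -1;   /* n: modulus */
    } else if (id_len == 7 && memcmp(id, "ssh-dss", 7) == 0) {
        if (read_string(&r, &mp, &mp_len)) return -1;   /* p: prime */
    } else {
        return -1;                                      /* unknown key type */
    }
    return mpint_bits(mp, mp_len);
}

/* Constructed sample blob: identifier, e = 0x23 for RSA, then a 0x81-byte
   mpint (0x00 pad + 128 made-up bytes). The blob stops after n or p. */
size_t make_sample(uint8_t *out, const char *id, uint8_t top)
{
    static const uint8_t e[] = { 0, 0, 0, 1, 0x23 };
    size_t n = 0;
    out[n++] = 0; out[n++] = 0; out[n++] = 0; out[n++] = 7;
    memcpy(out + n, id, 7); n += 7;
    if (strcmp(id, "ssh-rsa") == 0) { memcpy(out + n, e, sizeof e); n += sizeof e; }
    out[n++] = 0; out[n++] = 0; out[n++] = 0; out[n++] = 0x81;
    out[n++] = 0x00;
    out[n++] = top;
    memset(out + n, 0xAB, 127); n += 127;
    return n;
}

int main(void)
{
    uint8_t buf[160];
    size_t n = make_sample(buf, "ssh-rsa", 0xC5);
    printf("ssh-rsa sample: %ld bits\n", hostkey_bits(buf, n));
    n = make_sample(buf, "ssh-dss", 0x80);
    printf("ssh-dss sample: %ld bits\n", hostkey_bits(buf, n));
    printf("truncated blob: %ld\n", hostkey_bits(buf, n - 1));
    return 0;
}
```

Counting bits in the top byte matters when the leading byte is not full: the RFC 4251 example 09 a3 78 f9 b2 e3 32 a7 is 8 bytes long but has 60 significant bits, so "length times 8" would overstate it.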
--001a11c3428275fcac04e113fad3
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable