Key re-exchange bug? (wodSSHServer)

Hello,

We (PuTTY) have had a report that freeSSHd, which appears to be based on WeOnlyDo, freezes when PuTTY initiates a repeat key exchange. (PuTTY only started doing this in 0.58.)

The freeSSHd in question reports a version string of WeOnlyDo-1.2.6 , which presumably corresponds to the latest version of your software. We've added that string to our list of buggy implementations, so that development snapshots of PuTTY won't initiate key re-exchanges with WeOnlyDo.

However, that's not an ideal solution security-wise. Can you confirm this as a problem in your product, and if so, say which versions it's in (and what SSH version strings they report)? In particular, if you fix it, we can restrict PuTTY's idea of buggy servers so that key re-exchange isn't needlessly avoided.

(I realise this could in principle be a freeSSHd problem rather than a WeOnlyDo one. What do you think?)

Cheers -- Jacob Nevins

Jacob,

I'm aware of this, Kreso from freesshd.com told me about it and we'll do some debugging this week to see how to make a fix. I can send you email when done, if you're interested. If so, please let me know your email, you can do so on techsupport@weonlydo.com

Regards,
Kreso

This is now fixed since version 1.2.7.

This is now fixed since version 1.2.7.

Thanks a lot.

Thanks for fixing this. For completeness, we've updated PuTTY in the snapshots so that it should by default disable key re-exchange for all versions of WeOnlyDo <= 1.2.6, but not for more recent versions.

This is now fixed since version 1.2.7.

Hi.

Sorry for telling this, but the bug still exists.
I'm using the recent version 1.2.1 (ID-String: SSH-2.0-WeOnlyDo 2.0.3) and it still crashes if I enable re-keying after some time.

Regards,
mario

Thread @ freesshd-Forum

Hi Mario,

I have tried to duplicate your problem but unfortunately didn't have luck.

Can you give us some guide how to duplicate it? Did you try using our samples?

Also please make sure that you are using latest 2.0.4.255 version of wodSSHServer. You can download it from our website.

Let us know how it goes.

Regards,
Drazen

Also please make sure that you are using latest 2.0.4.255 version of wodSSHServer. You can download it from our website.

Hi Drazen,

thx for your quick response.

I have no idea, where to find the .255 version. On this page you only offer 2.0.4 to download. I tried with this one and as ssh-client I used Putty v0.60 (latest version).

For example, if you set at the putty-config max minutes before rekey 1 minutes, then the first rekey after 60secs will be successfull.
But now, keep putty open and you'll see, that the second rekeying-procedure after another 60secs won't work and the connection will be lost, because putty will exit with the error Incoming packet was garbled on decryption after you type a letter.

It is necessery, that you don't type anything on the existing ssh-shell before the 2nd rekeying-interval. This problem occours only, if no bytes are transmittet.

Regards,
mario

Mario,

I have tried what you suggest but it works for me. Which protocol are you using? Which wodSSHServer sample are you using?

Please make sure that wodSSHServer Timeout Property is set to 0.

More help for Timeout Property you can find here:
http://www.weonlydo.com/SSHServer/Help/wodSSHDLIB~wodSSHD~Timeout.html

Drazen

Which wodSSHServer sample are you using?

I made a little screen-cap (DivX encoded):
http://rapidshare.com/files/129254505/cap.avi.html
Click the left button Free-User and wait, till the Doanload -button appears.

It should demonstrate the exact procedure to cause the bug.

Regards,
mario

Mario,

Can you please add this line in wodSSHServer 3. Shell sample and try it again:
[code]
SSHD1.Timeout = 0
SSHD1.Start
[/code]

Drazen

[code]
SSHD1.Timeout = 0
SSHD1.Start
[/code]

Drazen,

that's not the solution - the bug still exists.

However, i don't think, there's something wrong with the timeout.
It occours also if you repeat the two rekeying-procedures after a few seconds interval.

Have you tried my screencap-scenario? Did it work for you?

Regards,
mario

Mario,

Thanks, I manage to duplicate it. I will now forward this issue to our developers to see if they can done same in debug mode.

You should receive response from them when they have more about your problem.

Drazen

Mario,

Problem with key re-exchange should be fixed. Can you please request update and try it out.

Let us know how it goes.

Drazen

Problem with key re-exchange should be fixed.

Yep, by version 2.0.5 it's now working :D thx very much.

Your developers are very quick - thumbs up :)

Regards,
mario