DEVHIDE
Login Or Sign up

Unable to make ssh connection to Cisco IOS device using wolfssh library

445 Views Asked by At

Trying to connect to a cisco ios device using wolfssh library.

Following is the code snippet used to connect

    WOLFSSH_CTX* ctx = NULL;
    WOLFSSH* ssh = NULL;
    SOCKET_T sockFd = WOLFSSH_SOCKET_INVALID;
    SOCKADDR_IN_T clientAddr;
    socklen_t clientAddrSz = sizeof(clientAddr);
    char rxBuf[80];
    int ret;
    int ch;
    word16 port = 22;
    const char* host = "xx.xx.xx.xx";
    const char* username = "wwww";
    const char* password = "wwww";
    const char* cmd = "sh clock";

    wolfSSH_Debugging_ON();

    WSTARTTCP();
    wolfSSH_Init();

    ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL);
    if (ctx == NULL)
        err_sys("Couldn't create wolfSSH client context.");

    wolfSSH_SetUserAuth(ctx, wsUserAuth);

    ssh = wolfSSH_new(ctx);
    if ( ssh == NULL ) {
        err_sys("Failed to create SSH");
    }

    wolfSSH_SetUserAuthCtx(ssh, (void*)password);

    ret = wolfSSH_SetUsername(ssh, username);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the username.");

    build_addr(&clientAddr, (char *)host, port);
    tcp_socket(&sockFd);
    ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
    if (ret != 0) {
        err_sys("Couldn't connect to server.");
    }
    else {
        cout << "Connected to "<<host<<endl;
    }

    ret = wolfSSH_set_fd(ssh, (int)sockFd);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the session's socket.");



    ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        NULL, 0);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the channel type.");

    ret = wolfSSH_connect(ssh);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't connect ssh.");

But ended up with the following error log. Unable to proceed. Getting error in wolfSSH_connect(ssh)

2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_Init()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-13 07:01:55 [DEBUG] Entering CtxInit()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 00000072FB1E7D80
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_new()
2020-05-13 07:01:55 [DEBUG] Entering SshInit()
2020-05-13 07:01:55 [DEBUG] Entering HandshakeInfoNew()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_new(), ssh = 00000072FB1E93E0
Connected to xx.xx.xx.xx
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_set_fd()
2020-05-13 07:01:55 [DEBUG] No subsystem name or name was too large
2020-05-13 07:02:04 [DEBUG] Entering wolfSSH_connect()
2020-05-13 07:02:30 [DEBUG] SSH-2.0-wolfSSHv1.4.3

2020-05-13 07:02:30 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-13 07:02:30 [DEBUG] Embed Send trying to send 23
2020-05-13 07:02:30 [DEBUG] Embed Send sent 23
2020-05-13 07:02:30 [DEBUG] SB: Shrinking output buffer
2020-05-13 07:02:30 [DEBUG] Entering ShrinkBuffer()
2020-05-13 07:02:30 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-13 07:02:30 [DEBUG] SB: releasing dynamic buffer
2020-05-13 07:02:30 [DEBUG] Leaving ShrinkBuffer()
2020-05-13 07:02:34 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-13 07:02:41 [DEBUG] Receive: recvd = 255
2020-05-13 07:03:30 [DEBUG] get input text failed
2020-05-13 07:03:35 [DEBUG] connect error: CLIENT_VERSION_SENT, -1013

Update

Tried the same code with wolfssh 1.4.4 (current version from github) It has made some progress in ssh connect. But it is crashing in rsa.c , at XMEMSET...

int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
{
    int ret = 0;

    if (key == NULL) {
        return BAD_FUNC_ARG;
    }

    XMEMSET(key, 0, sizeof(RsaKey));

Following is the error log.

2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_Init()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-15 05:51:28 [DEBUG] Entering CtxInit()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 000000AFC91FDFD0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_new()
2020-05-15 05:51:28 [DEBUG] Entering SshInit()
2020-05-15 05:51:28 [DEBUG] Entering HandshakeInfoNew()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_new(), ssh = 000000AFC91FE050
Connected to xx.xx.xx.xx
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_set_fd()
2020-05-15 05:51:32 [DEBUG] No subsystem name or name was too large
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_connect()
2020-05-15 05:51:38 [DEBUG] SSH-2.0-wolfSSHv1.4.4

2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 23
2020-05-15 05:51:38 [DEBUG] Embed Send sent 23
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 255
2020-05-15 05:51:38 [DEBUG] Checking for old version of protocol exchange
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 236, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_VERSION_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 4
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 376
2020-05-15 05:51:38 [DEBUG] Embed Send sent 376
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXINIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 312
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 76
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 312
2020-05-15 05:51:38 [DEBUG] VM: seq = 0
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 0
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXINIT
2020-05-15 05:51:38 [DEBUG] Entering DoKexInit()
2020-05-15 05:51:38 [DEBUG] DKI: KEX Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = diffie-hellman-group14-sha1
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Server Host Key Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = ssh-rsa
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Client to Server
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Server to Client
2020-05-15 05:51:38 [DEBUG] DKI: KEX Packet Follows
2020-05-15 05:51:38 [DEBUG] DKI: For Future Use
2020-05-15 05:51:38 [DEBUG] Leaving DoKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] PR3: peerMacSz = 0
2020-05-15 05:51:38 [DEBUG] PR4: Shrinking input buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 1
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] PR5: txCount = 376, rxCount = 312
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_KEXINIT_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexDhInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 5
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 272
2020-05-15 05:51:38 [DEBUG] Embed Send sent 272
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexDhInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXDH_INIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 832
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 824
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 832
2020-05-15 05:51:38 [DEBUG] VM: seq = 1
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 1
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXDH_REPLY
2020-05-15 05:51:38 [DEBUG] Entering DoKexDhReply()
2020-05-15 05:51:38 [DEBUG] DKDR: no public key check callback, accepted

Following is the log from putty. Which gets connected to the same ios device.

2020-05-15 19:53:37 Connecting to xx.xx.x.x port 22
2020-05-15 19:53:37 We claim version: SSH-2.0-PuTTY_Release_0.70
2020-05-15 19:53:38 Server version: SSH-2.0-Cisco-1.25
2020-05-15 19:53:38 We believe remote version has SSH-1 ignore bug
2020-05-15 19:53:38 We believe remote version needs a plain SSH-1 password
2020-05-15 19:53:38 We believe remote version can't handle SSH-1 RSA authentication
2020-05-15 19:53:38 Using SSH protocol version 2
2020-05-15 19:53:38 Doing Diffie-Hellman group exchange
2020-05-15 19:53:38 Doing Diffie-Hellman key exchange with hash SHA-1
2020-05-15 19:53:39 Host key fingerprint is:
2020-05-15 19:53:39 ssh-rsa 2048 7c:23:fc:cf:17:2a:9e:6b:38:d8:03:21:67:0f:b4:c3
2020-05-15 19:53:39 Initialised AES-256 SDCTR client->server encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 client->server MAC algorithm
2020-05-15 19:53:39 Initialised AES-256 SDCTR server->client encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 server->client MAC algorithm
c ssh visual-studio-2017 wolfssl
Original Q&A
1

There are 1 best solutions below

2
On

There is a couple things to check.

The first being that wolfSSH_SetChannelType should take the command and length of command as last two arguments.

 ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        cmd, sizeof(cmd));

This could just be a typo though and I'd expect it to get a different error like -1009 farther on in the connection, so this is not the main issue here.

The second thing to check is the version of SSH that the cisco ios device is supporting. This could cause the version error listed if it is using an older version of SSH.

The third, and most probable thing that could be helpful here, is if this is on the release bundle of wolfSSH 1.4.3 it has a strict requirement that the protocol exchange message ends in a "\r\n" as per the RFC. This was updated to be more lenient in wolfSSH release 1.4.4 to allow for protocol exchanges with just "\n". Looking at the debug log provided I suspect this issue will go away when updating to wolfSSH 1.4.4 or by applying the change from github here (https://github.com/wolfSSL/wolfssh/pull/213).

Regards, Jacob

Related Questions in C

Related Questions in SSH

Related Questions in VISUAL-STUDIO-2017

Related Questions in WOLFSSL

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.