Stephen Terry | 18 Jul 17:34 2016

Re: Linker errors building ssh2 on Windows (Visual Studio 2008)

ok, I found what I was looking for here:
    https://slproweb.com/products/Win32OpenSSL.html
Thanks

On 7/16/2016 6:37 PM, Stephen Terry wrote:
> Hi,
> I'm trying to build libssh2 1.7.0 using Windows Visual Studio 2008.
> I am getting "unresolved external symbol" linker errors, I assume because I have
> out of date versions of libeay32.lib zlib.lib. Could someone point me to
> the where to find the correct libraries (or appropriate build instructions)? Thanks
>
> satpath
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Picon

curl WinSSL and libssh2 WinCNG auto-build downloads

Hello everyone,

I am now automatically building a release (debug features disabled)
version of curl and libssh2 after running the test suite for my
WinSSL/SChannel (Windows-native TLS-backend) auto-builds. You can get
the full build directory after buildconf, configure and make from the
following location:
https://dl.uxnr.de/build/curl/

The main page contains a directory per builder (build environment) as
well as a symlink to the latest build result. Beware, this may not
correspond to the latest git commit. Inside the builder directory you
will find build results by git tag and revision.

The corresponding build history and log files can be found here (in
addition to the temporary curl auto-builds page):
https://curlbuild.uxnr.de/waterfall

libcurl is linked against libssh2 which is build the same way using the
WinCNG (Windows-native Crypto-backend). You can get it from the
following location:
https://dl.uxnr.de/build/libssh2/

The corresponding build history and log files can be found here:
https://libssh2build.uxnr.de/waterfall

I also plan to create a nice looking build status and download page at
some point. But for now I am looking forward to your feedback, like
suggestions to the actual builds and files themselves.

(Continue reading)

Moti Avrahami | 28 Jun 11:34 2016
Picon

Failed to exchange encryption keys when connect to Debian

Hi,

 

I failed to connect to the SFTP server – SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u4.

I am using curl.exe (7.47.1) with libssh2 (1.7.0) and openSSL (0.9.8) and get the error:

[libssh2] 0.506250 Failure Event: -5 - Unable to exchange encryption keys

* Failure establishing ssh session

 

Do you know what can be the cause?

Maybe this doesn’t support the libssh2 algorithms?

 

Thanks,

Moti

 

By the way, this is the full trace:

[libssh2] 0.459375 Conn: Setting blocking mode OFF

[libssh2] 0.459375 Transport: session_startup for socket 156

[libssh2] 0.459375 Transport: Sending Banner: SSH-2.0-libssh2_1.7.0

[libssh2] 0.459375 Socket: Sent 23/23 bytes at 004DA6C0+0

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Transport: Received Banner: SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u4

[libssh2] 0.615625 Key Ex: Sent KEX: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

[libssh2] 0.615625 Key Ex: Sent HOSTKEY: ssh-rsa,ssh-dss

[libssh2] 0.615625 Key Ex: Sent CRYPT_CS: aes256-cbc,rijndael-cbc <at> lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc

[libssh2] 0.615625 Key Ex: Sent CRYPT_SC: aes256-cbc,rijndael-cbc <at> lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc

[libssh2] 0.615625 Key Ex: Sent MAC_CS: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160 <at> openssh.com

[libssh2] 0.615625 Key Ex: Sent MAC_SC: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160 <at> openssh.com

[libssh2] 0.615625 Key Ex: Sent COMP_CS: none

[libssh2] 0.615625 Key Ex: Sent COMP_SC: none

[libssh2] 0.615625 Key Ex: Sent LANG_CS:

[libssh2] 0.615625 Key Ex: Sent LANG_SC:

=> libssh2_transport_write plain (663 bytes)

0000: 14 30 B0 BB FA 02 DA BC  09 75 DA 15 A5 20 E6 B2 : .0°»ת..¼               u..¥ ז²

0010: 80 00 00 00 7E 64 69 66  66 69 65 2D 68 65 6C 6C : ....~diffie-hell

0020: 6D 61 6E 2D 67 72 6F 75  70 2D 65 78 63 68 61 6E : man-group-exchan

0030: 67 65 2D 73 68 61 32 35  36 2C 64 69 66 66 69 65 : ge-sha256,diffie

0040: 2D 68 65 6C 6C 6D 61 6E  2D 67 72 6F 75 70 2D 65 : -hellman-group-e

0050: 78 63 68 61 6E 67 65 2D  73 68 61 31 2C 64 69 66 : xchange-sha1,dif

0060: 66 69 65 2D 68 65 6C 6C  6D 61 6E 2D 67 72 6F 75 : fie-hellman-grou

0070: 70 31 34 2D 73 68 61 31  2C 64 69 66 66 69 65 2D : p14-sha1,diffie-

0080: 68 65 6C 6C 6D 61 6E 2D  67 72 6F 75 70 31 2D 73 : hellman-group1-s

0090: 68 61 31 00 00 00 0F 73  73 68 2D 72 73 61 2C 73 : ha1....ssh-rsa,s

00a0: 73 68 2D 64 73 73 00 00  00 71 61 65 73 32 35 36 : sh-dss...qaes256

00b0: 2D 63 62 63 2C 72 69 6A  6E 64 61 65 6C 2D 63 62 : -cbc,rijndael-cb

00c0: 63 40 6C 79 73 61 74 6F  72 2E 6C 69 75 2E 73 65 : c <at> lysator.liu.se

00d0: 2C 61 65 73 31 39 32 2D  63 62 63 2C 61 65 73 31 : ,aes192-cbc,aes1

00e0: 32 38 2D 63 62 63 2C 62  6C 6F 77 66 69 73 68 2D : 28-cbc,blowfish-

00f0: 63 62 63 2C 61 72 63 66  6F 75 72 31 32 38 2C 61 : cbc,arcfour128,a

0100: 72 63 66 6F 75 72 2C 63  61 73 74 31 32 38 2D 63 : rcfour,cast128-c

0110: 62 63 2C 33 64 65 73 2D  63 62 63 00 00 00 71 61 : bc,3des-cbc...qa

0120: 65 73 32 35 36 2D 63 62  63 2C 72 69 6A 6E 64 61 : es256-cbc,rijnda

0130: 65 6C 2D 63 62 63 40 6C  79 73 61 74 6F 72 2E 6C : el-cbc <at> lysator.l

0140: 69 75 2E 73 65 2C 61 65  73 31 39 32 2D 63 62 63 : iu.se,aes192-cbc

0150: 2C 61 65 73 31 32 38 2D  63 62 63 2C 62 6C 6F 77 : ,aes128-cbc,blow

0160: 66 69 73 68 2D 63 62 63  2C 61 72 63 66 6F 75 72 : fish-cbc,arcfour

0170: 31 32 38 2C 61 72 63 66  6F 75 72 2C 63 61 73 74 : 128,arcfour,cast

0180: 31 32 38 2D 63 62 63 2C  33 64 65 73 2D 63 62 63 : 128-cbc,3des-cbc

0190: 00 00 00 71 68 6D 61 63  2D 73 68 61 32 2D 32 35 : ...qhmac-sha2-25

01a0: 36 2C 68 6D 61 63 2D 73  68 61 32 2D 35 31 32 2C : 6,hmac-sha2-512,

01b0: 68 6D 61 63 2D 73 68 61  31 2C 68 6D 61 63 2D 73 : hmac-sha1,hmac-s

01c0: 68 61 31 2D 39 36 2C 68  6D 61 63 2D 6D 64 35 2C : ha1-96,hmac-md5,

01d0: 68 6D 61 63 2D 6D 64 35  2D 39 36 2C 68 6D 61 63 : hmac-md5-96,hmac

01e0: 2D 72 69 70 65 6D 64 31  36 30 2C 68 6D 61 63 2D : -ripemd160,hmac-

01f0: 72 69 70 65 6D 64 31 36  30 40 6F 70 65 6E 73 73 : ripemd160 <at> openss

0200: 68 2E 63 6F 6D 00 00 00  71 68 6D 61 63 2D 73 68 : h.com...qhmac-sh

0210: 61 32 2D 32 35 36 2C 68  6D 61 63 2D 73 68 61 32 : a2-256,hmac-sha2

0220: 2D 35 31 32 2C 68 6D 61  63 2D 73 68 61 31 2C 68 : -512,hmac-sha1,h

0230: 6D 61 63 2D 73 68 61 31  2D 39 36 2C 68 6D 61 63 : mac-sha1-96,hmac

0240: 2D 6D 64 35 2C 68 6D 61  63 2D 6D 64 35 2D 39 36 : -md5,hmac-md5-96

0250: 2C 68 6D 61 63 2D 72 69  70 65 6D 64 31 36 30 2C : ,hmac-ripemd160,

0260: 68 6D 61 63 2D 72 69 70  65 6D 64 31 36 30 40 6F : hmac-ripemd160 <at> o

0270: 70 65 6E 73 73 68 2E 63  6F 6D 00 00 00 04 6E 6F : penssh.com....no

0280: 6E 65 00 00 00 04 6E 6F  6E 65 00 00 00 00 00 00 : ne....none......

0290: 00 00 00 00 00 00 00                             : .......

[libssh2] 0.615625 Socket: Sent 832/832 bytes at 021D393C

=> libssh2_transport_write send() (832 bytes)

0000: 00 00 03 3C A4 14 30 B0  BB FA 02 DA BC 09 75 DA : ...<..0°»ת..¼       u.

0010: 15 A5 20 E6 B2 80 00 00  00 7E 64 69 66 66 69 65 : .¥ ז²....~diffie

0020: 2D 68 65 6C 6C 6D 61 6E  2D 67 72 6F 75 70 2D 65 : -hellman-group-e

0030: 78 63 68 61 6E 67 65 2D  73 68 61 32 35 36 2C 64 : xchange-sha256,d

0040: 69 66 66 69 65 2D 68 65  6C 6C 6D 61 6E 2D 67 72 : iffie-hellman-gr

0050: 6F 75 70 2D 65 78 63 68  61 6E 67 65 2D 73 68 61 : oup-exchange-sha

0060: 31 2C 64 69 66 66 69 65  2D 68 65 6C 6C 6D 61 6E : 1,diffie-hellman

0070: 2D 67 72 6F 75 70 31 34  2D 73 68 61 31 2C 64 69 : -group14-sha1,di

0080: 66 66 69 65 2D 68 65 6C  6C 6D 61 6E 2D 67 72 6F : ffie-hellman-gro

0090: 75 70 31 2D 73 68 61 31  00 00 00 0F 73 73 68 2D : up1-sha1....ssh-

00a0: 72 73 61 2C 73 73 68 2D  64 73 73 00 00 00 71 61 : rsa,ssh-dss...qa

00b0: 65 73 32 35 36 2D 63 62  63 2C 72 69 6A 6E 64 61 : es256-cbc,rijnda

00c0: 65 6C 2D 63 62 63 40 6C  79 73 61 74 6F 72 2E 6C : el-cbc <at> lysator.l

00d0: 69 75 2E 73 65 2C 61 65  73 31 39 32 2D 63 62 63 : iu.se,aes192-cbc

00e0: 2C 61 65 73 31 32 38 2D  63 62 63 2C 62 6C 6F 77 : ,aes128-cbc,blow

00f0: 66 69 73 68 2D 63 62 63  2C 61 72 63 66 6F 75 72 : fish-cbc,arcfour

0100: 31 32 38 2C 61 72 63 66  6F 75 72 2C 63 61 73 74 : 128,arcfour,cast

0110: 31 32 38 2D 63 62 63 2C  33 64 65 73 2D 63 62 63 : 128-cbc,3des-cbc

0120: 00 00 00 71 61 65 73 32  35 36 2D 63 62 63 2C 72 : ...qaes256-cbc,r

0130: 69 6A 6E 64 61 65 6C 2D  63 62 63 40 6C 79 73 61 : ijndael-cbc <at> lysa

0140: 74 6F 72 2E 6C 69 75 2E  73 65 2C 61 65 73 31 39 : tor.liu.se,aes19

0150: 32 2D 63 62 63 2C 61 65  73 31 32 38 2D 63 62 63 : 2-cbc,aes128-cbc

0160: 2C 62 6C 6F 77 66 69 73  68 2D 63 62 63 2C 61 72 : ,blowfish-cbc,ar

0170: 63 66 6F 75 72 31 32 38  2C 61 72 63 66 6F 75 72 : cfour128,arcfour

0180: 2C 63 61 73 74 31 32 38  2D 63 62 63 2C 33 64 65 : ,cast128-cbc,3de

0190: 73 2D 63 62 63 00 00 00  71 68 6D 61 63 2D 73 68 : s-cbc...qhmac-sh

01a0: 61 32 2D 32 35 36 2C 68  6D 61 63 2D 73 68 61 32 : a2-256,hmac-sha2

01b0: 2D 35 31 32 2C 68 6D 61  63 2D 73 68 61 31 2C 68 : -512,hmac-sha1,h

01c0: 6D 61 63 2D 73 68 61 31  2D 39 36 2C 68 6D 61 63 : mac-sha1-96,hmac

01d0: 2D 6D 64 35 2C 68 6D 61  63 2D 6D 64 35 2D 39 36 : -md5,hmac-md5-96

01e0: 2C 68 6D 61 63 2D 72 69  70 65 6D 64 31 36 30 2C : ,hmac-ripemd160,

01f0: 68 6D 61 63 2D 72 69 70  65 6D 64 31 36 30 40 6F : hmac-ripemd160 <at> o

0200: 70 65 6E 73 73 68 2E 63  6F 6D 00 00 00 71 68 6D : penssh.com...qhm

0210: 61 63 2D 73 68 61 32 2D  32 35 36 2C 68 6D 61 63 : ac-sha2-256,hmac

0220: 2D 73 68 61 32 2D 35 31  32 2C 68 6D 61 63 2D 73 : -sha2-512,hmac-s

0230: 68 61 31 2C 68 6D 61 63  2D 73 68 61 31 2D 39 36 : ha1,hmac-sha1-96

0240: 2C 68 6D 61 63 2D 6D 64  35 2C 68 6D 61 63 2D 6D : ,hmac-md5,hmac-m

0250: 64 35 2D 39 36 2C 68 6D  61 63 2D 72 69 70 65 6D : d5-96,hmac-ripem

0260: 64 31 36 30 2C 68 6D 61  63 2D 72 69 70 65 6D 64 : d160,hmac-ripemd

0270: 31 36 30 40 6F 70 65 6E  73 73 68 2E 63 6F 6D 00 : 160-ZT/51Pfwho1BDgjK7y7TUQ@public.gmane.org.

0280: 00 00 04 6E 6F 6E 65 00  00 00 04 6E 6F 6E 65 00 : ...none....none.

0290: 00 00 00 00 00 00 00 00  00 00 00 00 44 EC 14 45 : ............Dל.E

02a0: D8 CB 8F 55 8E AA 05 C1  1B 5E F1 C6 CF 83 68 52 : ״..U.×...^ס..ƒhR

02b0: 3A 38 3A FE 39 4E C1 98  A2 BA 7F D0 B4 C4 A9 7C : :8:.9N..¢÷.׀´.©|

02c0: 24 8F 3F 73 40 4D DB 09  D0 C5 6E F4 9B 7E 51 7D : $.?s <at> M. ׀.nפ›~Q}

02d0: 26 67 F7 C3 F3 00 3B 4E  AE 5D 50 28 4E D4 A6 6A : &gק.ף.;N®]P(Nװ¦j

02e0: 26 13 3C AF C1 22 17 53  57 05 7E 2E B2 37 79 97 : &.<¯.".SW.~.²7y—

02f0: 19 AA C8 F5 C1 92 70 63  64 F5 F2 F8 D5 88 18 F8 : .×.ץ.’pcdץערױ..ר

0300: 86 3C 7C 58 D4 8D 2C 1E  44 EF CC B7 58 68 B4 DE : †<|Xװ.,.Dן.·Xh´.

0310: 44 21 D9 9C D0 8D AE 9C  EA DB 4D 1C 6A F2 FD 46 : D!..׀.®.ך.M.jע.F

0320: 7F A3 1B 45 23 FA 32 CA  7E D3 A6 B8 B4 CC CB 1B : .£.E#ת2.~׃¦¸´...

0330: CD 6E 01 D1 3B 6D 65 B8  BE 69 12 D4 38 E7 08 8E : .n..;me¸¾i.װ8ח..

[libssh2] 0.615625 Transport: Looking for packet of type: 20

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0[libssh2] 0.693750 Socket: Recved 392/16384 bytes to 021CF914+0

=> libssh2_transport_read() raw (392 bytes)

0000: 00 00 01 84 07 14 AA 25  A8 63 3D 62 7D 7A 1F AC : ...„..×%¨c=b}z.¬

0010: 96 7D 83 EA 31 9C 00 00  00 5D 65 63 64 68 2D 73 : –}ƒך1....]ecdh-s

0020: 68 61 32 2D 6E 69 73 74  70 35 32 31 2C 65 63 64 : ha2-nistp521,ecd

0030: 68 2D 73 68 61 32 2D 6E  69 73 74 70 33 38 34 2C : h-sha2-nistp384,

0040: 65 63 64 68 2D 73 68 61  32 2D 6E 69 73 74 70 32 : ecdh-sha2-nistp2

0050: 35 36 2C 64 69 66 66 69  65 2D 68 65 6C 6C 6D 61 : 56,diffie-hellma

0060: 6E 2D 67 72 6F 75 70 2D  65 78 63 68 61 6E 67 65 : n-group-exchange

0070: 2D 73 68 61 32 35 36 00  00 00 23 73 73 68 2D 72 : -sha256...#ssh-r

0080: 73 61 2C 73 73 68 2D 64  73 73 2C 65 63 64 73 61 : sa,ssh-dss,ecdsa

0090: 2D 73 68 61 32 2D 6E 69  73 74 70 35 32 31 00 00 : -sha2-nistp521..

00a0: 00 20 61 65 73 32 35 36  2D 63 74 72 2C 61 65 73 : . aes256-ctr,aes

00b0: 31 39 32 2D 63 74 72 2C  61 65 73 31 32 38 2D 63 : 192-ctr,aes128-c

00c0: 74 72 00 00 00 20 61 65  73 32 35 36 2D 63 74 72 : tr... aes256-ctr

00d0: 2C 61 65 73 31 39 32 2D  63 74 72 2C 61 65 73 31 : ,aes192-ctr,aes1

00e0: 32 38 2D 63 74 72 00 00  00 2A 68 6D 61 63 2D 72 : 28-ctr...*hmac-r

00f0: 69 70 65 6D 64 31 36 30  2C 68 6D 61 63 2D 73 68 : ipemd160,hmac-sh

0100: 61 32 2D 32 35 36 2C 68  6D 61 63 2D 73 68 61 32 : a2-256,hmac-sha2

0110: 2D 35 31 32 00 00 00 2A  68 6D 61 63 2D 72 69 70 : -512...*hmac-rip

0120: 65 6D 64 31 36 30 2C 68  6D 61 63 2D 73 68 61 32 : emd160,hmac-sha2

0130: 2D 32 35 36 2C 68 6D 61  63 2D 73 68 61 32 2D 35 : -256,hmac-sha2-5

0140: 31 32 00 00 00 15 6E 6F  6E 65 2C 7A 6C 69 62 40 : 12....none,zlib <at>

0150: 6F 70 65 6E 73 73 68 2E  63 6F 6D 00 00 00 15 6E : openssh.com....n

0160: 6F 6E 65 2C 7A 6C 69 62  40 6F 70 65 6E 73 73 68 : one,zlib <at> openssh

0170: 2E 63 6F 6D 00 00 00 00  00 00 00 00 00 00 00 00 : .com............

0180: 00 00 00 00 00 00 00 00                          : ........

=> libssh2_transport_read() plain (380 bytes)

0000: 14 AA 25 A8 63 3D 62 7D  7A 1F AC 96 7D 83 EA 31 : .×%¨c=b}z.¬–}ƒך1

0010: 9C 00 00 00 5D 65 63 64  68 2D 73 68 61 32 2D 6E : ....]ecdh-sha2-n

0020: 69 73 74 70 35 32 31 2C  65 63 64 68 2D 73 68 61 : istp521,ecdh-sha

0030: 32 2D 6E 69 73 74 70 33  38 34 2C 65 63 64 68 2D : 2-nistp384,ecdh-

0040: 73 68 61 32 2D 6E 69 73  74 70 32 35 36 2C 64 69 : sha2-nistp256,di

0050: 66 66 69 65 2D 68 65 6C  6C 6D 61 6E 2D 67 72 6F : ffie-hellman-gro

0060: 75 70 2D 65 78 63 68 61  6E 67 65 2D 73 68 61 32 : up-exchange-sha2

0070: 35 36 00 00 00 23 73 73  68 2D 72 73 61 2C 73 73 : 56...#ssh-rsa,ss

0080: 68 2D 64 73 73 2C 65 63  64 73 61 2D 73 68 61 32 : h-dss,ecdsa-sha2

0090: 2D 6E 69 73 74 70 35 32  31 00 00 00 20 61 65 73 : -nistp521... aes

00a0: 32 35 36 2D 63 74 72 2C  61 65 73 31 39 32 2D 63 : 256-ctr,aes192-c

00b0: 74 72 2C 61 65 73 31 32  38 2D 63 74 72 00 00 00 : tr,aes128-ctr...

00c0: 20 61 65 73 32 35 36 2D  63 74 72 2C 61 65 73 31 :  aes256-ctr,aes1

00d0: 39 32 2D 63 74 72 2C 61  65 73 31 32 38 2D 63 74 : 92-ctr,aes128-ct

00e0: 72 00 00 00 2A 68 6D 61  63 2D 72 69 70 65 6D 64 : r...*hmac-ripemd

00f0: 31 36 30 2C 68 6D 61 63  2D 73 68 61 32 2D 32 35 : 160,hmac-sha2-25

0100: 36 2C 68 6D 61 63 2D 73  68 61 32 2D 35 31 32 00 : 6,hmac-sha2-512.

0110: 00 00 2A 68 6D 61 63 2D  72 69 70 65 6D 64 31 36 : ..*hmac-ripemd16

0120: 30 2C 68 6D 61 63 2D 73  68 61 32 2D 32 35 36 2C : 0,hmac-sha2-256,

0130: 68 6D 61 63 2D 73 68 61  32 2D 35 31 32 00 00 00 : hmac-sha2-512...

0140: 15 6E 6F 6E 65 2C 7A 6C  69 62 40 6F 70 65 6E 73 : .none,zlib <at> opens

0150: 73 68 2E 63 6F 6D 00 00  00 15 6E 6F 6E 65 2C 7A : sh.com....none,z

0160: 6C 69 62 40 6F 70 65 6E  73 73 68 2E 63 6F 6D 00 : lib-ZT/51Pfwho1BDgjK7y7TUQ@public.gmane.org.

0170: 00 00 00 00 00 00 00 00  00 00 00 00             : ............

[libssh2] 0.693750 Transport: Packet type 20 received, length=380

[libssh2] 0.693750 Transport: Looking for packet of type: 20

[libssh2] 0.693750 Failure Event: -5 - Unable to exchange encryption keys

* Failure establishing ssh session

[libssh2] 0.693750 Transport: Freeing session resource

[libssh2] 0.693750 Transport: Extra packets left 0

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

* Closing connection 0

curl: (2) Failure establishing ssh session

 


_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Moti Avrahami | 26 May 14:30 2016
Picon

Fail to connect SFTP server in v1.7.0

Hello,

 

I recently upgraded libssh2 from v1.4.1 to v1.7.0 and now I failed to connect SFTP servers.

 

I use it via libcurl v7.47/7.49 and got:

“Failed initialization: Failure establishing ssh session)”

 

When turning on the debug mode in libssh2 I  got the below output.

Does someone know how to solve it?

 

Thanks,

Moti

 

 

=> libssh2_transport_read() plain (692 bytes)

 [libssh2] 0.711551 Transport: Packet type 20 received, length=692

[libssh2] 0.711551 Transport: Looking for packet of type: 20

[libssh2] 0.711551 Key Ex: Agreed on KEX method: diffie-hellman-group-exchange-sha1

[libssh2] 0.711551 Key Ex: Agreed on HOSTKEY method: ssh-rsa

[libssh2] 0.711551 Key Ex: Agreed on CRYPT_CS method: aes128-ctr

[libssh2] 0.711551 Key Ex: Agreed on CRYPT_SC method: aes128-ctr

[libssh2] 0.711551 Key Ex: Agreed on MAC_CS method: hmac-sha1

[libssh2] 0.711551 Key Ex: Agreed on MAC_SC method: hmac-sha1

[libssh2] 0.711551 Key Ex: Agreed on COMP_CS method: none

[libssh2] 0.711551 Key Ex: Agreed on COMP_SC method: none

[libssh2] 0.711551 Key Ex: Initiating Diffie-Hellman Group-Exchange (New Method)

 

=> libssh2_transport_write plain (13 bytes)

0000: 22 00 00 04 00 00 00 06  00 00 00 08 00          : "............

[libssh2] 0.711551 Socket: Sent 40/40 bytes at 07A4BFAC

=> libssh2_transport_write send() (40 bytes)

0000: 00 00 00 24 16 22 00 00  04 00 00 00 06 00 00 00 : ...$."..........

0010: 08 00 8A B7 F1 C5 5C 79  A7 41 2C 15 10 41 14 7E : ......\y.A,..A.~

0020: 4E BC 6D 0D 19 D3 EA 5D                          : N.m....]

[libssh2] 0.711551 Transport: Looking for packet of type: 31

[libssh2] 0.727151 Socket: Recved 216/16384 bytes to 07A47F84+0

=> libssh2_transport_read() raw (216 bytes)

=> libssh2_transport_read() plain (203 bytes)

 [libssh2] 0.727151 Transport: Packet type 31 received, length=203

[libssh2] 0.727151 Transport: Looking for packet of type: 31

[libssh2] 0.727151 Key Ex: Sending KEX packet 32

=> libssh2_transport_write plain (198 bytes)

 [libssh2] 0.742751 Socket: Sent 208/208 bytes at 07A4BFAC

=> libssh2_transport_write send() (208 bytes)

 [libssh2] 0.742751 Transport: Looking for packet of type: 33

[libssh2] 0.742751 Socket: Recved 784/16384 bytes to 07A47F84+0

=> libssh2_transport_read() raw (784 bytes)

=> libssh2_transport_read() plain (753 bytes)

02f0: F3                                               : .

[libssh2] 0.742751 Transport: Packet type 33 received, length=753

[libssh2] 0.742751 Transport: Looking for packet of type: 33

[libssh2] 0.742751 Key Ex: Server's MD5 Fingerprint: 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

[libssh2] 0.758351 Key Ex: Server's SHA1 Fingerprint: 0b:b3:54:44:b7:ba:f0:dc:14

:f5:f6:25:91:72:80:1a:e9:cd:24:5c

[libssh2] 0.758351 Key Ex: Sending NEWKEYS message

=> libssh2_transport_write plain (1 bytes)

0000: 15                                               : .

[libssh2] 0.758351 Socket: Sent 184/184 bytes at 07A4BFAC

=> libssh2_transport_write send() (184 bytes)

 [libssh2] 0.758351 Transport: Looking for packet of type: 21

=> libssh2_transport_read() plain (1 bytes)

0000: 15                                               : .

[libssh2] 0.758351 Transport: Packet type 21 received, length=1

[libssh2] 0.758351 Transport: Looking for packet of type: 21

[libssh2] 0.758351 Key Ex: Received NEWKEYS message

[libssh2] 0.758351 Key Ex: session_id calculated

[libssh2] 0.758351 Failure Event: -8 - Unrecoverable error exchanging keys

[libssh2] 0.758351 Failure Event: -8 - Unable to exchange encryption keys

[libssh2] 0.758351 Transport: Freeing session resource

[libssh2] 0.758351 Transport: Extra packets left 0

 

 

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Daniel Stenberg | 24 May 09:30 2016
Picon
Gravatar

Specification for agent protocol (fwd)

FYI

Seems like this could be interesting to some libssh2 peeps as well...

-- 

  / daniel.haxx.se

---------- Forwarded message ----------
Date: Tue, 24 May 2016 09:29:06
From: Damien Miller <djm <at> mindrot.org>
To: ietf-ssh <at> netbsd.org
Subject: Specification for agent protocol

Hi,

A few people have asked over the years for a proper specification of the
agent protocol that most SSH implementations support. I've maintained
the PROTOCOL.agent file[1] in the OpenSSH source distribution as a
half-assed standard for some time, but I think that the protocol is
widely used enough to warrant an actual RFC.

So I've converted the half-assed documentation into something
a little bit more formal and published it as an I-D at
https://tools.ietf.org/html/draft-miller-ssh-agent-00

This is pretty much exactly the protocol as OpenSSH implements it. The
main changes from PROTOCOL.agent (for those who are familiar with it)
are removal of SSH v.1 bits and adding a couple of backwards-compatible
extension mechanisms to support user <at> domain.org-style extensibility.

I'd welcome any feedback and/or assistance in getting it completed and
published. Thanks to Simon Tatham for reviewing an earlier version.

-d

[1] https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.agent
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Jeff Coffler | 19 May 00:00 2016

Can a remote TCP/IP server get connection information from libssh2

Hi,

I'm working with one of the sample programs, direct_tcpip.c, which uses the libssh2_channel_direct_tcpip_ex to connect to a remote server via SSH.

That much is working great. I can talk to the server, everything is good. However, I would like the remote server (which may or may not be receiving a connection from SSH; it may also receive a connection directly over TCP/IP without SSH) to:

  1. Determine if the connection is coming in via SSH, and
  2. If coming in via SSH, determine the username and type of authentication that was used (password, key, etc). Or, if I can't determine the type of authentication, at least determine the username that was used to authenticate.

It's not clear to me if this is even possible:

  • The server may not be on the local host (I may connect from host A to server B, which connects via TCP/IP to server C, although that leg would not be encrypted),
  • For the life of me, I can't figure out a way to take the TCP/IP socket from accept() (that's all I've got on the server at the time) and turn that into something useful (like a LIBSSH2_SESSION * or something). And even if I had a valid session, I can't find an API that would return the username that was used to authenticate a session.

Is this sort of integration possible with libssh2?

Thanks in advance for any help!

/Jeff
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Moti Avrahami | 15 May 17:41 2016
Picon

Problem in compiling libssh2

Hi,

I just downloaded libssh2 v1.7.0 and try to compile it, but encountered a build errors.
I tried to compile it with Visual Studio 2003 and also 2013 (just created an empty C++ Static Library project and put inside all the source and header files) but failed because of the following error:
C2037 left of 'abstract' specifies undefined struct/union '_LIBSSH2_SESSION'

I have hundreds of errors like that.
As far as I saw, there is the following definition in libssh2.h:
typedef struct _LIBSSH2_SESSION LIBSSH2_SESSION;
and the _LIBSSH2_SESSION struct is defined in libssh2_priv.h 
but I still don't manage to compile this project and produce a .lib file.

I would add that today I have libssh2 v1.4.1 compiled successfully via Visual Studio 2003 and all works well. I even compare my project settings from 1.4.1 but found nothing.

Can someone help me out please?

Thanks,
Moti
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
John Petkovsek | 26 Apr 19:46 2016
Picon

libssh2_sftp_write failed: (-9) would block

I set the session to block with a timeout of 15 seconds but libssh2_sftp_write returns with a -9 (LIBSSH2_ERROR_TIMEOUT) after just a second or two.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Paolo Elefante | 19 Apr 11:13 2016
Picon

Multithreaded SFTP application crash on CRYPTO_free in SUSE SLES12 environment

Hi there,

I use libssh2 (libssh2-1-1.4.3-16.1.x86_64) to establish SFTP connections in parallel in my multithreaded application running on Linux SUSE.

That code perfectly works on SUSE SLES11, but as I tried to migrate to SLES12 I got a serious crash.

 

As the application tries to open an SFTP connection, I get a systematic crash on “CRYPTO_free” when invoking ‘libssh2_session_handshake’.

I have checked the core dump using symbols and I’m sure that both TCP connection and SSH Session have been established (‘libssh2_session_init’ is successful).

 

In detail, libssh2_session_handshake crashes while invoking HMAC_Init_ex, EVP_DigestInit_ex, CRYPTO_free:

#0 0x00007fe3600eb0a7 in raise () from /lib64/libc.so.6

#1 0x00007fe3600ec458 in abort () from /lib64/libc.so.6

#2 0x00007fe360128764 in __libc_message () from /lib64/libc.so.6

#3 0x00007fe36012dfce in malloc_printerr () from /lib64/libc.so.6

#4 0x00007fe361e6b3fd in CRYPTO_free () from /lib64/libcrypto.so.1.0.0

#5 0x00007fe361ef4009 in EVP_DigestInit_ex () from /lib64/libcrypto.so.1.0.0

#6 0x00007fe361e79360 in HMAC_Init_ex () from /lib64/libcrypto.so.1.0.0

#7 0x00007fe36291ee7a in ?? () from /usr/lib64/libssh2.so.1

#8 0x00007fe36292d3e9 in ?? () from /usr/lib64/libssh2.so.1

#9 0x00007fe362924bd3 in libssh2_session_handshake () from /usr/lib64/libssh2.so.1

 

I have initialized OpenSSL for a multithreaded environment using static locking callbacks. I have also verified that callbacks are triggered by the underlying openssl stratum.

I initialized libssh2 using “libssh2_init(0)

 

I guess there's problem in the setup of my environment, but I can’t figure it out.

 

The same code works on SUSE SLES11 where my application linked libcrypto.so.0.9.8 and libssl.so.0.9.8, on the contrary on SLES12 my application is linking libcrypto.so.1.0.0 and libssl.so.1.0.0.

 

Has anyone experienced this problem or have a suggestion?

 

Thank you so much for your support.

 

Best Regards

/Paolo

 

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Daniel Stenberg | 9 Apr 11:20 2016
Picon
Gravatar

I'm slow

Hey,

If you think I'm slow and behind on my duties in this project, it is because 
that is true and it is a legitimate observation. And I don't expect my 
situtation regarding libssh2 to change much anytime soon.

So, I'm hoping others will step up and help out and drive where things need to 
get done etc. If you review a patch and you like it, say so. If you review a 
patch and don't like it, say so. Grab an issue and try to reproduce it. 
Respond in issues and help them get clarified. Open source only works fine 
when we all join in and do our share.

If you think you'd do the project good by getting push rights so that *you* 
can merge patches and push commits, do say so. But only bother if you've 
actually been around and shown yourself worthy in the project for a good while 
first.

Thanks!

--

-- 

  / daniel.haxx.se
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Cody P Schafer | 6 Apr 21:08 2016

dh parameter generation still not quite right?

I was looking into CVE-2016-0787 (bits vs bytes confusion within dh
exponent generation) and noted that someone had taken a look at the
code and commented on the github commit:
https://github.com/libssh2/libssh2/commit/ca5222ea819cc5ed797860070b4c6c1aeeb28420

After some examination myself, it appears that diffie_hellman_sha1 is
vulnerable to the same issue that diffie_hellman_sha256 was vulnerable
to, and there are other issues with private exponent generation that
should be examined.

I'm including the comments from github below for posterity:

yumkam commented on ca5222e on Feb 23:
> Something feels eerily wrong here.
> 1) compare diffie_hellman_sha1 and diffie_hellman_sha256; is not there exactly same problem in sha1 variant?
> 2) if I was not mistaken, this is generation of "private exponent"; but "private exponent" need not be as
large as group order! Normal size is "twice as generated key material", something from 256 bits to 512 bits
for usual symmetric algos and key sizes, see rfc4419 section 6.2 (Private exponent) [1].
> That is, it was, indeed, about 2 times too small before (and still wrong for diffie_hellman_sha1?), but it
is more than 4 times too large now. (Well, at least later is only performance issue).
> Disclaimer: I'm not real cryptographer, but only playing one.
> P.S. openssh uses min(2*max(symmetric_{key,iv,block,mac}_in_bits),p_bits-1)

yumkam commented on ca5222e on Feb 23:
> Also, for diffie-hellman-group-exchange-*, if p_bits+1 is not multiply of 8, group_order*8 can be
larger than p_bits (by up to 7 bits); thus, generated group_order*8-1-bit random value x can fail 1 < x <
(p-1)/2 test, see rfc4419[2]

[1]: https://tools.ietf.org/html/rfc4419#section-6.2
[2]: https://tools.ietf.org/html/rfc4419#section-3

Checking the code in git today shows the same flaws noted in those
comments still exist.

_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel

Gmane