Open SleeperCZ opened 2 years ago
Hello, I am using Posh-SSH ver. 3.0.0. I have an issue "New-SSHSession : Session operation has timed out" when trying to create a connection to Cisco SF350, SF550, etc. It uses the SSH-2.0-OpenSSH_7.3p1.RL protocol version. When I try to create a connection to older models like the SF300, which uses SSH-2.0-OpenSSH_5.9p1.RL, it works great! Cisco updated OpenSSH from 5.9 to 7.3 because of some known vulnerabilities. There is no way to change it back to 5.9.
Is there any error logged on the device?
Not at all. The process stops before key exchange. I have tried some calls and caught them with Wireshark.
Hello, is there any progress? Can I assist somehow? Maybe capture more communication? Or try another scenario? Whatever.... :)
Sadly no, because I don't have the gear to reproduce or test this.
Can you check what the algorithms set on the device are, and which ones are used for the host key? Could be it moved to a version of AES not supported by the module.
Hello, I published one of the devices at address 80.92.253.138, TCP 22. It's a Cisco SF250 series. According to the PuTTY log during connection, it uses cipher AES256 and SHA1 auth.
2022-02-22 09:23:16 Looking up host "80.92.253.138" for SSH connection
2022-02-22 09:23:16 Connecting to 80.92.253.138 port 22
2022-02-22 09:23:16 We claim version: SSH-2.0-PuTTY_Release_0.74
2022-02-22 09:23:16 Remote version: SSH-2.0-OpenSSH_7.3p1.RL
2022-02-22 09:23:16 Using SSH protocol version 2
2022-02-22 09:23:16 No GSSAPI security context available
2022-02-22 09:23:16 Doing Diffie-Hellman group exchange
2022-02-22 09:23:16 Doing Diffie-Hellman key exchange using 2048-bit modulus and hash SHA-1 (unaccelerated) with a server-supplied group
2022-02-22 09:23:17 Server also has ssh-dss host key, but we don't know it
2022-02-22 09:23:17 Host key fingerprint is:
2022-02-22 09:23:17 ssh-rsa 2048 91:d9:a7:95:1a:45:e1:5c:41:9b:bd:15:e1:5c:01:dd
2022-02-22 09:23:17 Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
2022-02-22 09:23:17 Initialised HMAC-SHA-1 (unaccelerated) outbound MAC algorithm
2022-02-22 09:23:17 Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
2022-02-22 09:23:17 Initialised HMAC-SHA-1 (unaccelerated) inbound MAC algorithm
Noticed something interesting: on Mac OS it is not able to negotiate a channel to validate the key using OpenSSH.
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: @.,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: @*.**@*.**@*.**@*.**@*.**@*.**@*.**@*.**@*.**@*.**@.,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: @.**@*.**@*.
debug2: ciphers stoc: @*.**@*.**@.
debug2: MACs ctos: @.**@*.**@*.**@*.**@*.**@*.**@*.,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: @*.**@*.**@*.**@*.**@*.**@*.**@.,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: @.,zlib
debug2: compression stoc: @.,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: @.
debug2: ciphers stoc: @.
debug2: MACs ctos: hmac-sha1
debug2: MACs stoc: hmac-sha1
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: (no match)
Unable to negotiate with 80.92.253.138 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
On Windows with OpenSSH it defaults to @. @.> and it is able to work. With Posh-SSH the behavior is similar to OpenSSH on Mac, because neither supports @. @.> even when other supported ciphers are available. Wonder if that could be the cause.
Wonder if explicitly setting AES would work:
ip ssh server algorithm mac hmac-sha1
ip ssh server algorithm encryption aes128-ctr aes256-ctr
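The failure in the `ssh -vv` output above is a pure algorithm-negotiation mismatch, and it is easy to replay. The following Python script is an added example, not code from Posh-SSH, SSH.NET, OpenSSH or this thread. It parses the KEXINIT proposals out of a constructed `ssh -vv` dump (the server side is copied from the peer proposal above; the client side keeps the readable names from the Mac proposal and replaces the tokens the scrape garbled with aes-ctr ciphers, so it is not the real macOS default list), applies the RFC 4253 section 7.1 rule (first entry in the client's preference order that the server also lists wins), reproduces the "no matching key exchange method" error, and then shows what a session looks like if a client re-enables `diffie-hellman-group14-sha1` the way `ssh -o KexAlgorithms=+diffie-hellman-group14-sha1` does: it connects, but every negotiated primitive is SHA-1-based, which is the list a hardening review should flag.

```python
"""Replay SSH algorithm negotiation (RFC 4253, section 7.1) over an
`ssh -vv` KEXINIT dump. Added example, not project code."""
import re

# Constructed sample modelled on the `ssh -vv` output in the thread. The
# server proposal is copied from the peer proposal; the client proposal keeps
# the readable names and replaces the tokens the scrape garbled with aes-ctr
# ciphers, so it is NOT the exact OpenSSH default list on macOS.
SAMPLE_LOG = """\
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: aes256-ctr,aes128-ctr
debug2: ciphers stoc: aes256-ctr,aes128-ctr
debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes128-ctr,aes256-ctr
debug2: ciphers stoc: aes128-ctr,aes256-ctr
debug2: MACs ctos: hmac-sha1
debug2: MACs stoc: hmac-sha1
"""

# debug2 labels -> the name-list categories negotiated below (the stoc lists
# follow the same rule and are left out to keep the output short).
LABELS = {"KEX algorithms": "kex", "host key algorithms": "hostkey",
          "ciphers ctos": "cipher", "MACs ctos": "mac"}

# Still common on embedded gear, but SHA-1-based or using a 1024-bit group;
# a session that lands on any of these deserves a finding in a review.
LEGACY = {"diffie-hellman-group1-sha1", "diffie-hellman-group14-sha1",
          "diffie-hellman-group-exchange-sha1", "ssh-dss", "ssh-rsa", "hmac-sha1"}


class NegotiationError(Exception):
    """One category has no algorithm common to both proposals."""

    def __init__(self, category, offer):
        self.category, self.offer = category, offer
        super().__init__(f"no matching {category} found. Their offer: {','.join(offer)}")


def parse_proposals(log):
    """Split an `ssh -vv` dump into {'client': {...}, 'server': {...}} name-lists."""
    proposals, side = {"client": {}, "server": {}}, None
    for line in log.splitlines():
        if "local client KEXINIT proposal" in line:
            side = "client"
        elif "peer server KEXINIT proposal" in line:
            side = "server"
        elif side:
            m = re.match(r"debug2: ([A-Za-z ]+?): ?(.*)$", line)
            if m and m.group(1) in LABELS:
                # ext-info-c is an extension marker (RFC 8308), not a KEX method.
                names = [n for n in m.group(2).split(",") if n and n != "ext-info-c"]
                proposals[side][LABELS[m.group(1)]] = names
    return proposals


def negotiate(client, server):
    """RFC 4253 s7.1: per category, the first name in the client's preference
    order that the server also lists wins; an empty intersection aborts."""
    chosen = {}
    for category, wanted in client.items():
        offered = server.get(category, [])
        pick = next((name for name in wanted if name in offered), None)
        if pick is None:
            raise NegotiationError(category, offered)
        chosen[category] = pick
    return chosen


def legacy_in_use(chosen):
    """Negotiated names a hardening review should flag, sorted for stable output."""
    return sorted(set(chosen.values()) & LEGACY)


def run(log=SAMPLE_LOG, extra_kex="diffie-hellman-group14-sha1"):
    """Negotiate as-is, then again with `extra_kex` appended at lowest
    preference (what `ssh -o KexAlgorithms=+<name>` does). Returns
    (first error message or None, negotiated set on retry, flagged names)."""
    p = parse_proposals(log)
    try:
        negotiate(p["client"], p["server"])
        first_error = None
    except NegotiationError as err:
        first_error = str(err)
    relaxed = dict(p["client"], kex=p["client"]["kex"] + [extra_kex])
    chosen = negotiate(relaxed, p["server"])
    return first_error, chosen, legacy_in_use(chosen)


if __name__ == "__main__":
    error, chosen, flagged = run()
    print("default client proposal:", error)
    print("after re-enabling group14-sha1:", chosen)
    print("legacy algorithms the session now rests on:", flagged)
```

Run it as a script to see both outcomes. RFC 4253 additionally requires the chosen KEX and host-key algorithm to be compatible (signature-capable versus encryption-capable keys); that extra constraint is omitted here because it does not affect this server's offer. The point for a reviewer is that the retry succeeds only by accepting `diffie-hellman-group14-sha1`, `ssh-rsa` and `hmac-sha1` at once, so the flagged list, not the successful connection, is the finding.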
Unfortunately I am unable to configure that on the Small Business Switch SF250; I can only enable or disable ip ssh server and generate or modify server keys :-(
I thought that the difference should be in the order of key exchange initialization. A few months ago, when I found that problem communicating with the SF350, I browsed the internet to get some answers. I found one blog where Cisco described why they changed from OpenSSH 5.9 to OpenSSH 7.3. As I remember, the reason was somehow connected exactly with the order of key exchange init (it was some security bug in 5.9). Unfortunately I am unable to find that blog again :-( I can see that PuTTY starts the key exchange from the client side and all works fine. But in the case of Posh-SSH, the client is awaiting the server side init and times out.
But maybe the problem is deeper, as you wrote. I have just poor knowledge of encryption algorithms :-( I have found that you build Posh-SSH on Renci.SshNet. According to the documentation on GitHub they do support diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1, so if the switch is offering those, I do not see any reason not to use them. On the internet I have found some topics about weak ciphers disabled on Mac and a workaround for how to enable them again in the configuration file.
I think it could be the chacha cipher or this problem: https://github.com/sshnet/SSH.NET/pull/841
I have tried to build a new version of SSH.NET with likeMyCoffee's modification. It really changes the order of client and server identification as expected. The Connect() method of class Session passes through the client/server identification, then registers message listeners and gets stuck at line 624 of Session.cs, WaitOnHandle(_keyExchangeCompletedWaitHandle);, until it times out. The point is that the server side just does not send the key exchange init. It waits for the init message from the server and there is no way to force method Connect() to send the key exchange init. It is not implemented there and it's definitely beyond my skills to make it.
Do you know if the target has compression disabled? Posh-SSH does not support it.
There is no such option in the switch configuration CLI. But I am absolutely sure that I can connect to the switch without compression via PuTTY. So maybe the switch supports compression, but it definitely does not force or request it.
I think I'm having the same issue on CSB350 switches. Did you make any progress with this?
Known issue with the library I use and Cisco kit: "Cisco connection issue fix by likeMyCoffee · Pull Request #841 · sshnet/SSH.NET" (https://github.com/sshnet/SSH.NET/pull/841)
can you test with version 3.0.7?
It is still a problem with 3.0.8
The fix in the PR did not work. Sadly, if you use Cisco kit I can't recommend you use my module at this time.
Version 3.1.2 includes the latest version of SSH.NET, which should address this.
That's great! I will try it as soon as possible. Thank you!
Works great. Thank you very much! Libor