kingToolbox / WindTerm

A professional cross-platform SSH/Sftp/Shell/Telnet/Serial terminal.
https://kingtoolbox.github.io

PaloAlto NGFW bug #49

Closed Naidjel closed 3 years ago

Naidjel commented 3 years ago

The connection to the firewall is established, but the application window shows nothing, and after a time the application stack. Version 1.9.2 and above.

kingToolbox commented 3 years ago

Which version are you using, Windows or Linux? Can you connect normally with other tools? Such as putty, openssh and so on. Is there any error message reported during the process? In addition, what does "stack" mean, is it a crash or stack overflow? Since I don't have PaloAlto NGFW, more information may be needed, thank you very much.

Naidjel commented 3 years ago

Version: Windows. Connects normally with kitty/putty. No error, application crash. In the firewall logs it creates many SSH connections (in kitty just one). Mmm, maybe I create a VM with NGFW installed and give it to you with credentials? The trial period is 30 days.

kingToolbox commented 3 years ago

Thank you. Kitty is a fork of PuTTY, so they should be the same thing. From your description, there should be a problem with the login. When there are problems during the login, WindTerm will try to log in repeatedly (60 attempts in 30 seconds) to ensure that the login is successful as much as possible. This is why you see so many connections in the firewall log.

Do you log in with a password or a publickey? If possible, can you try another login method? For example, if you log in with a password now, try logging in with a publickey to see if you can succeed.

It is not safe for you to open the network port to the Internet, so I will try to analyze it first. The use of opening network will be a "last resort".

The current version does not have a detailed connection log. If my static analysis is not effective, then I will add the connection log in the next version, so you only need to send the log to me then. I believe the reason for the error can be obtained from the log.

I expect the next version v2.0.0_Prelease_2 to be released within next week.
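Added example, not part of the original thread and not WindTerm or Palo Alto code: a sliding-window count over firewall session records that separates a client retry burst like the one described above (60 attempts in 30 seconds) from a single interactive SSH session. The record layout, the addresses and the threshold of 10 are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=30)   # retry window quoted in the thread
THRESHOLD = 10                   # assumed alert level; tune per environment

def peak_ssh_sessions(events, window=WINDOW):
    """Peak count of new port-22 sessions per (src, dst) inside any one window."""
    recent = defaultdict(deque)
    peak = defaultdict(int)
    for ts, src, dst, dport in sorted(events):
        if dport != 22:
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while ts - q[0] >= window:   # drop sessions older than the window
            q.popleft()
        peak[(src, dst)] = max(peak[(src, dst)], len(q))
    return dict(peak)

def retry_bursts(events, threshold=THRESHOLD, window=WINDOW):
    """Pairs whose peak session count looks like automated reconnects."""
    peaks = peak_ssh_sessions(events, window)
    return {pair: n for pair, n in peaks.items() if n >= threshold}

# Constructed sample (documentation address ranges), not real firewall output.
T0 = datetime(2021, 1, 1, 9, 0, 0)
FW = "198.51.100.1"
SAMPLE_EVENTS = (
    # client stuck in a login retry loop: 60 new sessions, one every 0.5 s
    [(T0 + timedelta(seconds=0.5 * i), "192.0.2.10", FW, 22) for i in range(60)]
    # client that opens a single interactive session
    + [(T0 + timedelta(seconds=5), "192.0.2.20", FW, 22)]
    # non-SSH traffic is ignored
    + [(T0, "192.0.2.10", FW, 443)]
)

if __name__ == "__main__":
    for (src, dst), n in retry_bursts(SAMPLE_EVENTS).items():
        print(f"{src} -> {dst}:22 opened {n} sessions within {WINDOW.seconds}s")
```

A hit from a known administrator workstation against a management interface is worth checking against the client's auto-reconnect behaviour before it is triaged as password guessing.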

Naidjel commented 3 years ago

Login with password. Login with publickey is not possible(( Alright, waiting for release 2. Thank you.

Naidjel commented 3 years ago

Good day! Connection log added?

kingToolbox commented 3 years ago

Sorry to keep you waiting. v2.0.0._Prerelease_2 was already released at the beginning of the month, but unfortunately the connection log was not included. I have added it in v2.0.0_Prerelease_3 and will release it in the next few days.

The reason why it has been delayed for so long is because I have been struggling with SSH ProxyCommand. The old design relies on ssh.exe. After I finished, I felt it was not convenient to use, and users need to understand the meaning of ssh -q -x -W %h:%p or ssh -J. So I redesigned a simple and elegant solution, which is completely implemented internally and does not depend on any external programs. This took me a lot of time. But once you use ProxyCommand, I believe you will think the redesign is worthwhile.

Once the new prerelease version is released, I will update this to notify you, thank you.

kingToolbox commented 3 years ago

The new version 2.0.0_prerelease_3 has finally been released and the connection log has been added. You can download it now.

After downloading, please do the following:

If there is no log file or the log file is empty, it means that the log has not been output to the disk when the program is deadlocked. Please tell me, and I will add the function of forcibly flushing the log to the hard disk. In addition, please don't worry, the log will not record any private information such as usernames and passwords, and you can check this before uploading the log file. Thank you very much.

Naidjel commented 3 years ago

Greetings! As a result, I downloaded prerelease. I did everything according to the instructions. I attach the log file. I will also leave a link to the video where the problem is visible. pa1_2021-03-05_12-02-02.log

kingToolbox commented 3 years ago

Thank you for the detailed information, especially the video, which helped me a lot (please don't mind that I have removed the video link for you). I have re-fixed and updated the release, please re-download WindTerm_2.0.0_Prerelease_4_Windows_Portable.zip and test again, thank you very much. The Linux version is not updated. If you need the Linux version, please let me know and I will make an update.

My analysis of the log did not find any problems, and the log shows that the Shell subsystem was also opened correctly. But because WindTerm exited abnormally, it may cause incomplete log records. Therefore, in the new release, the bug of WindTerm freezing was fixed first, and more log content was added. If your test still has problems, please follow the previous steps to submit a new log file, and you may need to close WindTerm this time to ensure that all logs are output, thank you!

In addition, I suspect that the bug is related to the SFTP subsystem. So if the test encounters a problem, please try to disable the SFTP and test again to see if it works. You can disable the SFTP in the session property dialog, just uncheck the option Session Property Dialog - SSH - Authentication - When session is authenticated - Enable SFTP.

Sorry to trouble you, I hope to fix this bug for you as soon as possible, thank you very much.

Naidjel commented 3 years ago

Yeah! If SFTP is disabled, it works fine! Maybe the firewall doesn't like that. SFTP sessions are not connected on Checkpoint firewalls too, but SSH itself works by default. Is there anything else I can help with in solving this problem?

kingToolbox commented 3 years ago

You are so kind, would you please help me to see if the stack problem still exists when SFTP is enabled? Thank you.

BTW, the new stable v2.0.0 has finally been released, please download and use it. There is one feature, "Enhanced protection of username and password", that I made especially for you. 😄 When I watched the video you uploaded, I noticed that you moved the camera away when you entered your username (that's why I removed the video link for you). So I realized that the security of the username and password needs to be enhanced. In the new version, I redesigned the username and password input and display. I believe that now, whether it is taking photos or recording videos, both will be effectively protected and you no longer need to worry about this. This is why I disappeared in the past two days and did not respond in time. I hope you like this feature. If you have any suggestions, please tell me and I will continue to improve this feature.

Naidjel commented 3 years ago

thx! =) Can I close issue?

kingToolbox commented 3 years ago

Yes, please. Welcome to continue submitting new issues and feature requests. Thank you! 😃