No data received from server (ssh_dispatch_run_fatal)

Llewellynvdm commented 11 months ago

I have read over many issue that seem to have had similar issues.

When I use the keys I have (private-key) to normally login to the server it works, but with the Sftp class I get:

No data received from server

The SFTP connection passes an invalid format to the server, so on the server the logs read:

Oct 22 15:02:34 domain.com sshd[315558]: ssh_dispatch_run_fatal: Connection from xxx.xx.xx.xxx port xxxx: invalid format [preauth]

I followed the instructions on http://phpseclib.com/docs/diagnosis to try and see if there is more info in the $sftp->getLog(); values but it does not give any more details really. [see below]

What is really strange is that this use to work, and suddenly it stopped a few updates back... I ignored it at the time, since I had to much things to attend to, but the last three days I have been trying to resolve this, and without any success.

I have spend hours on this and I can't see to make an connection to a server (fresh AWS ubuntu servers) with:

use phpseclib3\Net\SFTP;
use phpseclib3\Crypt\PublicKeyLoader;

define('NET_SSH2_LOGGING', SFTP::LOG_COMPLEX);

$username = 'username';
$remote_host_ip = xxx.xxx.xxx.xxx // server IP
$port = 22; // server ssh port
$private_key = 'xxx.....xxxx'; // we tried RSA, and ED25518

try
{
    $sftp = new SFTP($remote_host_ip, $port);
    $sftp->login($username, PublicKeyLoader::load($private_key));
}
catch(\Exception $e)
{
    var_dump($e->getMessage()); // No data received from server
    var_dump($sftp->getLog()); // [see below]
    exit; 
}

At first I thought it was an error on my part, but after three days, its seems very unlikely.

Here is the $sftp->getLog() data:

<-
00000000  53:53:48:2d:32:2e:30:2d:4f:70:65:6e:53:53:48:5f  SSH-2.0-OpenSSH_
00000010  38:2e:39:70:31:20:55:62:75:6e:74:75:2d:33:75:62  8.9p1 Ubuntu-3ub
00000020  75:6e:74:75:30:2e:34:0d:0a                       untu0.4..

->
00000000  53:53:48:2d:32:2e:30:2d:70:68:70:73:65:63:6c:69  SSH-2.0-phpsecli
00000010  62:5f:33:2e:30:20:28:6c:69:62:73:6f:64:69:75:6d  b_3.0 (libsodium
00000020  2c:20:6f:70:65:6e:73:73:6c:2c:20:67:6d:70:29:0d  , openssl, gmp).
00000030  0a                                               .

-> NET_SSH2_MSG_KEXINIT (since last: 0.4023, network: 0.0001s)
00000000  30:5f:e1:92:3a:3c:08:be:b7:93:aa:b4:c9:4f:e5:3d  0_..:........O.=
00000010  00:00:01:7c:63:75:72:76:65:32:35:35:31:39:2d:73  ...|curve25519-s
00000020  68:61:32:35:36:2c:63:75:72:76:65:32:35:35:31:39  ha256,curve25519
00000030  2d:73:68:61:32:35:36:40:6c:69:62:73:73:68:2e:6f  -sha256@libssh.o
00000040  72:67:2c:65:63:64:68:2d:73:68:61:32:2d:6e:69:73  rg,ecdh-sha2-nis
00000050  74:70:32:35:36:2c:65:63:64:68:2d:73:68:61:32:2d  tp256,ecdh-sha2-
00000060  6e:69:73:74:70:33:38:34:2c:65:63:64:68:2d:73:68  nistp384,ecdh-sh
00000070  61:32:2d:6e:69:73:74:70:35:32:31:2c:64:69:66:66  a2-nistp521,diff
00000080  69:65:2d:68:65:6c:6c:6d:61:6e:2d:67:72:6f:75:70  ie-hellman-group
00000090  2d:65:78:63:68:61:6e:67:65:2d:73:68:61:32:35:36  -exchange-sha256
000000a0  2c:64:69:66:66:69:65:2d:68:65:6c:6c:6d:61:6e:2d  ,diffie-hellman-
000000b0  67:72:6f:75:70:2d:65:78:63:68:61:6e:67:65:2d:73  group-exchange-s
000000c0  68:61:31:2c:64:69:66:66:69:65:2d:68:65:6c:6c:6d  ha1,diffie-hellm
000000d0  61:6e:2d:67:72:6f:75:70:31:34:2d:73:68:61:32:35  an-group14-sha25
000000e0  36:2c:64:69:66:66:69:65:2d:68:65:6c:6c:6d:61:6e  6,diffie-hellman
000000f0  2d:67:72:6f:75:70:31:34:2d:73:68:61:31:2c:64:69  -group14-sha1,di
00000100  66:66:69:65:2d:68:65:6c:6c:6d:61:6e:2d:67:72:6f  ffie-hellman-gro
00000110  75:70:31:35:2d:73:68:61:35:31:32:2c:64:69:66:66  up15-sha512,diff
00000120  69:65:2d:68:65:6c:6c:6d:61:6e:2d:67:72:6f:75:70  ie-hellman-group
00000130  31:36:2d:73:68:61:35:31:32:2c:64:69:66:66:69:65  16-sha512,diffie
00000140  2d:68:65:6c:6c:6d:61:6e:2d:67:72:6f:75:70:31:37  -hellman-group17
00000150  2d:73:68:61:35:31:32:2c:64:69:66:66:69:65:2d:68  -sha512,diffie-h
00000160  65:6c:6c:6d:61:6e:2d:67:72:6f:75:70:31:38:2d:73  ellman-group18-s
00000170  68:61:35:31:32:2c:64:69:66:66:69:65:2d:68:65:6c  ha512,diffie-hel
00000180  6c:6d:61:6e:2d:67:72:6f:75:70:31:2d:73:68:61:31  lman-group1-sha1
00000190  00:00:00:71:73:73:68:2d:65:64:32:35:35:31:39:2c  ...qssh-ed25519,
000001a0  65:63:64:73:61:2d:73:68:61:32:2d:6e:69:73:74:70  ecdsa-sha2-nistp
000001b0  32:35:36:2c:65:63:64:73:61:2d:73:68:61:32:2d:6e  256,ecdsa-sha2-n
000001c0  69:73:74:70:33:38:34:2c:65:63:64:73:61:2d:73:68  istp384,ecdsa-sh
000001d0  61:32:2d:6e:69:73:74:70:35:32:31:2c:72:73:61:2d  a2-nistp521,rsa-
000001e0  73:68:61:32:2d:32:35:36:2c:72:73:61:2d:73:68:61  sha2-256,rsa-sha
000001f0  32:2d:35:31:32:2c:73:73:68:2d:72:73:61:2c:73:73  2-512,ssh-rsa,ss
00000200  68:2d:64:73:73:00:00:01:01:61:65:73:32:35:36:2d  h-dss....aes256-
00000210  67:63:6d:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c  gcm@openssh.com,
00000220  61:65:73:31:32:38:2d:67:63:6d:40:6f:70:65:6e:73  aes128-gcm@opens
00000230  73:68:2e:63:6f:6d:2c:61:65:73:31:32:38:2d:63:74  sh.com,aes128-ct
00000240  72:2c:61:65:73:31:39:32:2d:63:74:72:2c:61:65:73  r,aes192-ctr,aes
00000250  32:35:36:2d:63:74:72:2c:61:65:73:31:32:38:2d:63  256-ctr,aes128-c
00000260  62:63:2c:61:65:73:31:39:32:2d:63:62:63:2c:61:65  bc,aes192-cbc,ae
00000270  73:32:35:36:2d:63:62:63:2c:62:6c:6f:77:66:69:73  s256-cbc,blowfis
00000280  68:2d:63:74:72:2c:62:6c:6f:77:66:69:73:68:2d:63  h-ctr,blowfish-c
00000290  62:63:2c:33:64:65:73:2d:63:74:72:2c:33:64:65:73  bc,3des-ctr,3des
000002a0  2d:63:62:63:2c:74:77:6f:66:69:73:68:31:32:38:2d  -cbc,twofish128-
000002b0  63:74:72:2c:74:77:6f:66:69:73:68:31:39:32:2d:63  ctr,twofish192-c
000002c0  74:72:2c:74:77:6f:66:69:73:68:32:35:36:2d:63:74  tr,twofish256-ct
000002d0  72:2c:74:77:6f:66:69:73:68:31:32:38:2d:63:62:63  r,twofish128-cbc
000002e0  2c:74:77:6f:66:69:73:68:31:39:32:2d:63:62:63:2c  ,twofish192-cbc,
000002f0  74:77:6f:66:69:73:68:32:35:36:2d:63:62:63:2c:74  twofish256-cbc,t
00000300  77:6f:66:69:73:68:2d:63:62:63:00:00:01:01:61:65  wofish-cbc....ae
00000310  73:32:35:36:2d:67:63:6d:40:6f:70:65:6e:73:73:68  s256-gcm@openssh
00000320  2e:63:6f:6d:2c:61:65:73:31:32:38:2d:67:63:6d:40  .com,aes128-gcm@
00000330  6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:61:65:73:31  openssh.com,aes1
00000340  32:38:2d:63:74:72:2c:61:65:73:31:39:32:2d:63:74  28-ctr,aes192-ct
00000350  72:2c:61:65:73:32:35:36:2d:63:74:72:2c:61:65:73  r,aes256-ctr,aes
00000360  31:32:38:2d:63:62:63:2c:61:65:73:31:39:32:2d:63  128-cbc,aes192-c
00000370  62:63:2c:61:65:73:32:35:36:2d:63:62:63:2c:62:6c  bc,aes256-cbc,bl
00000380  6f:77:66:69:73:68:2d:63:74:72:2c:62:6c:6f:77:66  owfish-ctr,blowf
00000390  69:73:68:2d:63:62:63:2c:33:64:65:73:2d:63:74:72  ish-cbc,3des-ctr
000003a0  2c:33:64:65:73:2d:63:62:63:2c:74:77:6f:66:69:73  ,3des-cbc,twofis
000003b0  68:31:32:38:2d:63:74:72:2c:74:77:6f:66:69:73:68  h128-ctr,twofish
000003c0  31:39:32:2d:63:74:72:2c:74:77:6f:66:69:73:68:32  192-ctr,twofish2
000003d0  35:36:2d:63:74:72:2c:74:77:6f:66:69:73:68:31:32  56-ctr,twofish12
000003e0  38:2d:63:62:63:2c:74:77:6f:66:69:73:68:31:39:32  8-cbc,twofish192
000003f0  2d:63:62:63:2c:74:77:6f:66:69:73:68:32:35:36:2d  -cbc,twofish256-
00000400  63:62:63:2c:74:77:6f:66:69:73:68:2d:63:62:63:00  cbc,twofish-cbc.
00000410  00:00:f7:68:6d:61:63:2d:73:68:61:32:2d:32:35:36  ...hmac-sha2-256
00000420  2d:65:74:6d:40:6f:70:65:6e:73:73:68:2e:63:6f:6d  -etm@openssh.com
00000430  2c:68:6d:61:63:2d:73:68:61:32:2d:35:31:32:2d:65  ,hmac-sha2-512-e
00000440  74:6d:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:75  tm@openssh.com,u
00000450  6d:61:63:2d:36:34:2d:65:74:6d:40:6f:70:65:6e:73  mac-64-etm@opens
00000460  73:68:2e:63:6f:6d:2c:75:6d:61:63:2d:31:32:38:2d  sh.com,umac-128-
00000470  65:74:6d:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c  etm@openssh.com,
00000480  68:6d:61:63:2d:73:68:61:31:2d:65:74:6d:40:6f:70  hmac-sha1-etm@op
00000490  65:6e:73:73:68:2e:63:6f:6d:2c:68:6d:61:63:2d:73  enssh.com,hmac-s
000004a0  68:61:32:2d:32:35:36:2c:68:6d:61:63:2d:73:68:61  ha2-256,hmac-sha
000004b0  32:2d:35:31:32:2c:75:6d:61:63:2d:36:34:40:6f:70  2-512,umac-64@op
000004c0  65:6e:73:73:68:2e:63:6f:6d:2c:75:6d:61:63:2d:31  enssh.com,umac-1
000004d0  32:38:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:68  28@openssh.com,h
000004e0  6d:61:63:2d:73:68:61:31:2d:39:36:2c:68:6d:61:63  mac-sha1-96,hmac
000004f0  2d:73:68:61:31:2c:68:6d:61:63:2d:6d:64:35:2d:39  -sha1,hmac-md5-9
00000500  36:2c:68:6d:61:63:2d:6d:64:35:00:00:00:f7:68:6d  6,hmac-md5....hm
00000510  61:63:2d:73:68:61:32:2d:32:35:36:2d:65:74:6d:40  ac-sha2-256-etm@
00000520  6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:68:6d:61:63  openssh.com,hmac
00000530  2d:73:68:61:32:2d:35:31:32:2d:65:74:6d:40:6f:70  -sha2-512-etm@op
00000540  65:6e:73:73:68:2e:63:6f:6d:2c:75:6d:61:63:2d:36  enssh.com,umac-6
00000550  34:2d:65:74:6d:40:6f:70:65:6e:73:73:68:2e:63:6f  4-etm@openssh.co
00000560  6d:2c:75:6d:61:63:2d:31:32:38:2d:65:74:6d:40:6f  m,umac-128-etm@o
00000570  70:65:6e:73:73:68:2e:63:6f:6d:2c:68:6d:61:63:2d  penssh.com,hmac-
00000580  73:68:61:31:2d:65:74:6d:40:6f:70:65:6e:73:73:68  sha1-etm@openssh
00000590  2e:63:6f:6d:2c:68:6d:61:63:2d:73:68:61:32:2d:32  .com,hmac-sha2-2
000005a0  35:36:2c:68:6d:61:63:2d:73:68:61:32:2d:35:31:32  56,hmac-sha2-512
000005b0  2c:75:6d:61:63:2d:36:34:40:6f:70:65:6e:73:73:68  ,umac-64@openssh
000005c0  2e:63:6f:6d:2c:75:6d:61:63:2d:31:32:38:40:6f:70  .com,umac-128@op
000005d0  65:6e:73:73:68:2e:63:6f:6d:2c:68:6d:61:63:2d:73  enssh.com,hmac-s
000005e0  68:61:31:2d:39:36:2c:68:6d:61:63:2d:73:68:61:31  ha1-96,hmac-sha1
000005f0  2c:68:6d:61:63:2d:6d:64:35:2d:39:36:2c:68:6d:61  ,hmac-md5-96,hma
00000600  63:2d:6d:64:35:00:00:00:1a:6e:6f:6e:65:2c:7a:6c  c-md5....none,zl
00000610  69:62:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:7a  ib@openssh.com,z
00000620  6c:69:62:00:00:00:1a:6e:6f:6e:65:2c:7a:6c:69:62  lib....none,zlib
00000630  40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:7a:6c:69  @openssh.com,zli
00000640  62:00:00:00:00:00:00:00:00:00:00:00:00:00        b.............

<- NET_SSH2_MSG_KEXINIT (since last: 0.1909, network: 0.1909s)
00000000  71:1e:12:5b:e0:21:61:51:9d:99:0e:bd:fa:bc:1e:52  q..[.!aQ.......R
00000010  00:00:01:09:63:75:72:76:65:32:35:35:31:39:2d:73  ....curve25519-s
00000020  68:61:32:35:36:2c:63:75:72:76:65:32:35:35:31:39  ha256,curve25519
00000030  2d:73:68:61:32:35:36:40:6c:69:62:73:73:68:2e:6f  -sha256@libssh.o
00000040  72:67:2c:65:63:64:68:2d:73:68:61:32:2d:6e:69:73  rg,ecdh-sha2-nis
00000050  74:70:32:35:36:2c:65:63:64:68:2d:73:68:61:32:2d  tp256,ecdh-sha2-
00000060  6e:69:73:74:70:33:38:34:2c:65:63:64:68:2d:73:68  nistp384,ecdh-sh
00000070  61:32:2d:6e:69:73:74:70:35:32:31:2c:73:6e:74:72  a2-nistp521,sntr
00000080  75:70:37:36:31:78:32:35:35:31:39:2d:73:68:61:35  up761x25519-sha5
00000090  31:32:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:64  12@openssh.com,d
000000a0  69:66:66:69:65:2d:68:65:6c:6c:6d:61:6e:2d:67:72  iffie-hellman-gr
000000b0  6f:75:70:2d:65:78:63:68:61:6e:67:65:2d:73:68:61  oup-exchange-sha
000000c0  32:35:36:2c:64:69:66:66:69:65:2d:68:65:6c:6c:6d  256,diffie-hellm
000000d0  61:6e:2d:67:72:6f:75:70:31:36:2d:73:68:61:35:31  an-group16-sha51
000000e0  32:2c:64:69:66:66:69:65:2d:68:65:6c:6c:6d:61:6e  2,diffie-hellman
000000f0  2d:67:72:6f:75:70:31:38:2d:73:68:61:35:31:32:2c  -group18-sha512,
00000100  64:69:66:66:69:65:2d:68:65:6c:6c:6d:61:6e:2d:67  diffie-hellman-g
00000110  72:6f:75:70:31:34:2d:73:68:61:32:35:36:00:00:00  roup14-sha256...
00000120  39:72:73:61:2d:73:68:61:32:2d:35:31:32:2c:72:73  9rsa-sha2-512,rs
00000130  61:2d:73:68:61:32:2d:32:35:36:2c:65:63:64:73:61  a-sha2-256,ecdsa
00000140  2d:73:68:61:32:2d:6e:69:73:74:70:32:35:36:2c:73  -sha2-nistp256,s
00000150  73:68:2d:65:64:32:35:35:31:39:00:00:00:6c:63:68  sh-ed25519...lch
00000160  61:63:68:61:32:30:2d:70:6f:6c:79:31:33:30:35:40  acha20-poly1305@
00000170  6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:61:65:73:31  openssh.com,aes1
00000180  32:38:2d:63:74:72:2c:61:65:73:31:39:32:2d:63:74  28-ctr,aes192-ct
00000190  72:2c:61:65:73:32:35:36:2d:63:74:72:2c:61:65:73  r,aes256-ctr,aes
000001a0  31:32:38:2d:67:63:6d:40:6f:70:65:6e:73:73:68:2e  128-gcm@openssh.
000001b0  63:6f:6d:2c:61:65:73:32:35:36:2d:67:63:6d:40:6f  com,aes256-gcm@o
000001c0  70:65:6e:73:73:68:2e:63:6f:6d:00:00:00:6c:63:68  penssh.com...lch
000001d0  61:63:68:61:32:30:2d:70:6f:6c:79:31:33:30:35:40  acha20-poly1305@
000001e0  6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:61:65:73:31  openssh.com,aes1
000001f0  32:38:2d:63:74:72:2c:61:65:73:31:39:32:2d:63:74  28-ctr,aes192-ct
00000200  72:2c:61:65:73:32:35:36:2d:63:74:72:2c:61:65:73  r,aes256-ctr,aes
00000210  31:32:38:2d:67:63:6d:40:6f:70:65:6e:73:73:68:2e  128-gcm@openssh.
00000220  63:6f:6d:2c:61:65:73:32:35:36:2d:67:63:6d:40:6f  com,aes256-gcm@o
00000230  70:65:6e:73:73:68:2e:63:6f:6d:00:00:00:d5:75:6d  penssh.com....um
00000240  61:63:2d:36:34:2d:65:74:6d:40:6f:70:65:6e:73:73  ac-64-etm@openss
00000250  68:2e:63:6f:6d:2c:75:6d:61:63:2d:31:32:38:2d:65  h.com,umac-128-e
00000260  74:6d:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:68  tm@openssh.com,h
00000270  6d:61:63:2d:73:68:61:32:2d:32:35:36:2d:65:74:6d  mac-sha2-256-etm
00000280  40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:68:6d:61  @openssh.com,hma
00000290  63:2d:73:68:61:32:2d:35:31:32:2d:65:74:6d:40:6f  c-sha2-512-etm@o
000002a0  70:65:6e:73:73:68:2e:63:6f:6d:2c:68:6d:61:63:2d  penssh.com,hmac-
000002b0  73:68:61:31:2d:65:74:6d:40:6f:70:65:6e:73:73:68  sha1-etm@openssh
000002c0  2e:63:6f:6d:2c:75:6d:61:63:2d:36:34:40:6f:70:65  .com,umac-64@ope
000002d0  6e:73:73:68:2e:63:6f:6d:2c:75:6d:61:63:2d:31:32  nssh.com,umac-12
000002e0  38:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:68:6d  8@openssh.com,hm
000002f0  61:63:2d:73:68:61:32:2d:32:35:36:2c:68:6d:61:63  ac-sha2-256,hmac
00000300  2d:73:68:61:32:2d:35:31:32:2c:68:6d:61:63:2d:73  -sha2-512,hmac-s
00000310  68:61:31:00:00:00:d5:75:6d:61:63:2d:36:34:2d:65  ha1....umac-64-e
00000320  74:6d:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:75  tm@openssh.com,u
00000330  6d:61:63:2d:31:32:38:2d:65:74:6d:40:6f:70:65:6e  mac-128-etm@open
00000340  73:73:68:2e:63:6f:6d:2c:68:6d:61:63:2d:73:68:61  ssh.com,hmac-sha
00000350  32:2d:32:35:36:2d:65:74:6d:40:6f:70:65:6e:73:73  2-256-etm@openss
00000360  68:2e:63:6f:6d:2c:68:6d:61:63:2d:73:68:61:32:2d  h.com,hmac-sha2-
00000370  35:31:32:2d:65:74:6d:40:6f:70:65:6e:73:73:68:2e  512-etm@openssh.
00000380  63:6f:6d:2c:68:6d:61:63:2d:73:68:61:31:2d:65:74  com,hmac-sha1-et
00000390  6d:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:2c:75:6d  m@openssh.com,um
000003a0  61:63:2d:36:34:40:6f:70:65:6e:73:73:68:2e:63:6f  ac-64@openssh.co
000003b0  6d:2c:75:6d:61:63:2d:31:32:38:40:6f:70:65:6e:73  m,umac-128@opens
000003c0  73:68:2e:63:6f:6d:2c:68:6d:61:63:2d:73:68:61:32  sh.com,hmac-sha2
000003d0  2d:32:35:36:2c:68:6d:61:63:2d:73:68:61:32:2d:35  -256,hmac-sha2-5
000003e0  31:32:2c:68:6d:61:63:2d:73:68:61:31:00:00:00:15  12,hmac-sha1....
000003f0  6e:6f:6e:65:2c:7a:6c:69:62:40:6f:70:65:6e:73:73  none,zlib@openss
00000400  68:2e:63:6f:6d:00:00:00:15:6e:6f:6e:65:2c:7a:6c  h.com....none,zl
00000410  69:62:40:6f:70:65:6e:73:73:68:2e:63:6f:6d:00:00  ib@openssh.com..
00000420  00:00:00:00:00:00:00:00:00:00:00                 ...........

-> NET_SSH2_MSG_KEX_ECDH_INIT (since last: 0.0012, network: 0s)
00000000  00:00:00:20:99:d7:fd:c1:9a:03:03:1a:7e:b8:5c:4c  ... ........~.\L
00000010  18:5f:68:9d:ee:44:55:78:b0:f5:41:bf:3a:26:48:aa  ._h..DUx..A.:&H.
00000020  fc:a2:ce:28                                      ...(

<- NET_SSH2_MSG_KEX_ECDH_REPLY (since last: 0.2013, network: 0.2012s)
00000000  00:00:00:33:00:00:00:0b:73:73:68:2d:65:64:32:35  ...3....ssh-ed25
00000010  35:31:39:00:00:00:20:e2:55:d0:ed:b7:5d:e7:56:1c  519... .U...].V.
00000020  64:b6:d1:ed:1d:2c:84:41:e6:4f:e0:ef:36:10:5f:22  d....,.A.O..6._"
00000030  c2:ef:0a:2a:10:6e:58:00:00:00:20:d3:79:30:61:71  ...*.nX... .y0aq
00000040  ea:33:e8:41:d8:1d:4c:4b:d0:d8:21:a3:a0:a4:b6:29  .3.A..LK..!....)
00000050  c5:ee:ea:a2:01:20:e5:e6:60:3c:37:00:00:00:53:00  ..... ..`.7...S.
00000060  00:00:0b:73:73:68:2d:65:64:32:35:35:31:39:00:00  ...ssh-ed25519..
00000070  00:40:25:a5:57:65:f8:15:5e:60:1d:ea:08:d9:d8:44  .@%.We..^`.....D
00000080  3b:9a:25:f6:70:c5:14:a8:e4:9d:4b:d0:30:2e:e4:b0  ;.%.p.....K.0...
00000090  f0:7a:13:d5:02:22:ea:f7:71:b3:e2:2f:f9:7d:e2:e8  .z..."..q../.}..
000000a0  2b:a6:ad:8e:2a:cf:cf:f9:4a:06:34:3c:67:9c:df:1e  +...*...J.4.g...
000000b0  44:0a                                            D.

-> NET_SSH2_MSG_NEWKEYS (since last: 0.0003, network: 0s)

<- NET_SSH2_MSG_NEWKEYS (since last: 0, network: 0s)

-> NET_SSH2_MSG_SERVICE_REQUEST (since last: 0.0002, network: 0s)
00000000  00:00:00:0c:73:73:68:2d:75:73:65:72:61:75:74:68  ....ssh-userauth

<- NET_SSH2_MSG_SERVICE_ACCEPT (since last: 0.4302, network: 0.4302s)
00000000  00:00:00:0c:73:73:68:2d:75:73:65:72:61:75:74:68  ....ssh-userauth

-> NET_SSH2_MSG_USERAUTH_REQUEST (since last: 0.0001, network: 0.0001s)
00000000  00:00:00:10:6c:6c:65:77:65:6c:6c:79:6e:00:00:00  ....ubuntu....
00000010  00:00:00:00:00:00:00:0e:73:73:68:2d:63:6f:6e:6e  ........ssh-conn
00000020  65:63:74:69:6f:6e:00:00:00:04:6e:6f:6e:65        ection....none

Here is the server log for this call:

Oct 22 15:42:36 ubuntu sshd[567]: debug3: fd 5 is not O_NONBLOCK
Oct 22 15:42:36 ubuntu sshd[567]: debug1: Forked child 317636.
Oct 22 15:42:36 ubuntu sshd[567]: debug3: send_rexec_state: entering fd = 8 config len 3376
Oct 22 15:42:36 ubuntu sshd[567]: debug3: ssh_msg_send: type 0
Oct 22 15:42:36 ubuntu sshd[567]: debug3: send_rexec_state: done
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: oom_adjust_restore
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: Set /proc/self/oom_score_adj to 0
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: inetd sockets after dupping: 4, 4
Oct 22 15:42:36 ubuntu sshd[317636]: Connection from xxx.xxx.xxx.xxx port xxxx on inernal.ip.xxx port 22 rdomain ""
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.4
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: Remote protocol version 2.0, remote software version phpseclib_3.0 (libsodium, openssl, gmp)
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: compat_banner: no match: phpseclib_3.0 (libsodium, openssl, gmp)
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: fd 4 setting O_NONBLOCK
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: ssh_sandbox_init: preparing seccomp filter sandbox
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: Network child is on pid 317637
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: preauth child monitor started
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: privsep user:group 109:65534 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: permanently_set_uid: 109/65534 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: append_hostkey_type: ssh-rsa key not permitted by HostkeyAlgorithms [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: send packet: type 20 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: receive packet: type 20 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: SSH2_MSG_KEXINIT received [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: local server KEXINIT proposal [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@openssh.com,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: compression ctos: none,zlib@openssh.com [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: compression stoc: none,zlib@openssh.com [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: languages ctos:  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: languages stoc:  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: first_kex_follows 0  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: reserved 0  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: peer client KEXINIT proposal [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group15-sha512,diffie-hellman-group16-sha512,diffie-hellman-group17-sha512,diffie-hellman-group18-sha512,diffie-hellman-group1-sha1 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: ciphers ctos: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,twofish128-ctr,twofish192-ctr,twofish256-ctr,twofish128-cbc,twofish192-cbc,twofish256-cbc,twofish-cbc [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: ciphers stoc: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,twofish128-ctr,twofish192-ctr,twofish256-ctr,twofish128-cbc,twofish192-cbc,twofish256-cbc,twofish-cbc [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: compression ctos: none,zlib@openssh.com,zlib [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: compression stoc: none,zlib@openssh.com,zlib [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: languages ctos:  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: languages stoc:  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: first_kex_follows 0  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: reserved 0  [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: kex: algorithm: curve25519-sha256 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: kex: host key algorithm: ssh-ed25519 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: receive packet: type 30 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: SSH2_MSG_KEX_ECDH_INIT received [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_sshkey_sign: entering [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_request_send: entering, type 6 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_request_receive_expect: entering, type 7 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_request_receive: entering [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_request_receive: entering
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: monitor_read: checking request 6
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_answer_sign: entering
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_answer_sign: ssh-ed25519 KEX signature len=83
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: mm_request_send: entering, type 7
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: monitor_read: 6 used once, disabling now
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: send packet: type 31 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: send packet: type 21 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: ssh_set_newkeys: mode 1 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: rekey out after 4294967296 blocks [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: receive packet: type 21 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug2: ssh_set_newkeys: mode 0 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: rekey in after 4294967296 blocks [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug1: KEX done [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: receive packet: type 5 [preauth]
Oct 22 15:42:36 ubuntu sshd[317636]: debug3: send packet: type 6 [preauth]
Oct 22 15:42:37 ubuntu sshd[317636]: debug3: receive packet: type 50 [preauth]
Oct 22 15:42:37 ubuntu sshd[317636]: ssh_dispatch_run_fatal: Connection from xxx.xxx.xxx.xxx port xxxx: invalid format [preauth]
Oct 22 15:42:37 ubuntu sshd[317636]: debug1: do_cleanup [preauth]
Oct 22 15:42:37 ubuntu sshd[317636]: debug3: PAM: sshpam_thread_cleanup entering [preauth]
Oct 22 15:42:37 ubuntu sshd[317636]: debug1: monitor_read_log: child log fd closed
Oct 22 15:42:37 ubuntu sshd[317636]: debug3: mm_request_receive: entering
Oct 22 15:42:37 ubuntu sshd[317636]: debug1: do_cleanup
Oct 22 15:42:37 ubuntu sshd[317636]: debug3: PAM: sshpam_thread_cleanup entering
Oct 22 15:42:37 ubuntu sshd[317636]: debug1: Killing privsep child 317637
Oct 22 15:42:37 ubuntu sshd[317636]: debug1: audit_event: unhandled event 12

If I am over looking something simple please let me know, I really need this to work.

terrafrost commented 11 months ago

Well I can tell you that the "preauth" request is absolutely not malformed. Here's the "preauth" request:

-> NET_SSH2_MSG_USERAUTH_REQUEST (since last: 0.0001, network: 0.0001s)
00000000  00:00:00:10:6c:6c:65:77:65:6c:6c:79:6e:00:00:00  ....ubuntu....
00000010  00:00:00:00:00:00:00:0e:73:73:68:2d:63:6f:6e:6e  ........ssh-conn
00000020  65:63:74:69:6f:6e:00:00:00:04:6e:6f:6e:65        ection....none

Here's what RFC4252 § Authentication Requests says:

All authentication requests MUST use the following message format.
   Only the first few fields are defined; the remaining fields depend on
   the authentication method.

      byte      SSH_MSG_USERAUTH_REQUEST
      string    user name in ISO-10646 UTF-8 encoding [[RFC3629](https://datatracker.ietf.org/doc/html/rfc3629)]
      string    service name in US-ASCII
      string    method name in US-ASCII
      ....      method specific fields

So the first four bytes in the packet that phpseclib is sending out (00:00:00:10) are the string length. The next 16 bytes (6c:6c:65:77:65:6c:6c:79:6e:00:00:00:00:00:00:00) are the username. Now, it is a little strange that your username has null bytes tacked onto the end of it. It's like... your username isn't "ubuntu" - it's "ubuntu\0\0\0\0\0\0\0". So I'd do echo strlen($username) in your code before you do $sftp->login($username, PublicKeyLoader::load($private_key)). Is it 8 characters or 16? If what phpseclib is getting passed has a bunch of null bytes being tacked onto the end then it stands to reason that it would have a bunch when phpseclib sends the username to the server.

Anyway, after that the next four bytes are the service name string length (00:00:00:0e) and then the service name itself of ssh-connection. 0e is 14 in decimal and ssh-connection is indeed 14 bytes.

The next four bytes after that are the method name length (00:00:00:04) and then the method name itself ("none"). And then that's the end of the request. So per the SSH specs the packet is perfectly valid. The only thing I can see is that your username has null bytes tacked onto the end of it but that's not a phpseclib problem. Sure, I suppose phpseclib could do trim($username, "\0") or maybe you could just do that and make sure that the username you're passing to phpseclib doesn't have null bytes tacked onto the end.

terrafrost commented 11 months ago

Also, when I decode the non-null hex characters for the username that's being passed to the server I get llewellyn - not ubuntu. But yah - I think the problem is prob your username. More specifically, I think you have bad characters in it.

Llewellynvdm commented 11 months ago

Okay so much for tying to strip personal data... I will double check, but I am almost absolutely sure it has no bad characters...

Llewellynvdm commented 11 months ago

You where right, it was null bytes in the username, thank you! Seeing that something so trivial cost me three days is truly humbling...

I am loading the username, and well all details from an encrypted source... so it turned out all values had null bites madness! So what changed must have been on the encryption and decryption side of the details, and not on phpseclib's side.

phpseclib / phpseclib

No data received from server (ssh_dispatch_run_fatal) #1955