Problems with ssh_bind_new

[orcim]

I (619) wifi:mode : null I (619) wifi:mode : sta (60:55:f9:f5:c4:3c) I (619) wifi:enable tsf I (5619) TAG_tskSSHD: bindNew [1970/01/01 00:00:05.271692, 1] ssh_bind_import_keys: ECDSA, ED25519, DSA, or RSA host key file must be set E (5619) FreeRTOS: FreeRTOS Task "sshd" should not return, Aborting now!

abort() was called at PC 0x4037f34b on core 1 0x4037f34b: vPortTaskWrapper at /home/orcim/esp/esp-idf-v4.4.3/components/freertos/port/xtensa/port.c:135

[klaus-liebler]

Hi to all, same problem here:

I (3534) esp_netif_handlers: sta ip: 192.168.2.127, mask: 255.255.255.0, gw: 192.168.2.1 I (3534) WIFI: got ip:192.168.2.127 I (3534) WIFI: connected to ap [1970/01/01 00:00:03.176272, 1] ssh_bind_import_keys: ECDSA, ED25519, DSA, or RSA host key file must be set E (3544) FreeRTOS: FreeRTOS Task "sshd" should not return, Aborting now!

I am compiling with ESP-IDF 5.0.1 & libssh 0.10.4 . To get the stuff compiled, it was necessary to

• change the wifi connection routine
• modify components/sshlib/CMakeLists.txt (add some more source files; -Wno-error=format; -Wno-error=char-subscripts)

You find the whole project here: https://github.com/klaus-liebler/espidf-ssh

prior to compilation, use menuconfig to

• switch to custom partition layout
• adjust WIFI ssid and password

[klaus-liebler]

Me again... I tried to investigate in this further and added some log outputs to track the return codes of variious function. In a first run, it was the sshd.c-->import_embedded_host_key() function that gave a non SSH_OK result. I added other ESP_LOG calls and identified the "if (p >= e)"-line as source of the error:

I (3186) SSHD: create_new_server(sc)
E (3196) SSHD: p >= e
E (3196) SSHD: import_embedded_host_key(sc->sc_sshbind, sc->sc_host_key)!=SSH_OK

I added various other ESP_LOG calls just for detecting possible future problems. Well, I tested again and it now runs perfectly. I am able to login with putty and call both commands.

I guess, there is some strange memory problem during the "heavy API abuse" in "import_host_key" function, that is somehow hidden, when adding ESP_LOG calls. And this makes me nervous... Unfortunately, I do not really understand, whats going on in this function. Any help or hint is highly appreciated!

Regards

Klaus

[lukilukeskywalker]

Well, @klaus-liebler, gotta tell you, you had luck. You should have bought the lottery that day. I found the problem, but still havent thought on how to solve it. The problem resides on what the function ssh_bind_options_set in the options.c file in the libssh library does behind the scenes. The function ssh_bind_options_set first frees the pointed location where the string "" is, and then allocates a new portion of memory for the "1234[...]" string.... Which could be on the same position of memory as the previous one... So in that case, the memory comparison function wouldn't work, and the code would crash.

Any ideas on how to solve it? I have tryed to find the offset on the ssh_keys by doing offsetof the struct, but obviously the compiler doesnt know anything about the struct ssh_bind_struct (bind.h) and you cant import bind.h

[lukilukeskywalker]

Well, I have solved it by making first the memcpy of the sshbind into the buf, then passing the buf to the function ssh_bind_options_set, and then passing sshbind to ssh_bind_options_set, like this: memcpy(buf, sshbind, sizeof(buf)); if(0 != ssh_bind_options_set(buf, SSH_BIND_OPTIONS_BINDADDR, "")) ESP_LOGE("sshd", "Error en bind options set 1"); ESP_LOGI("sshd", "acabo de mandar el bud"); if(0 != ssh_bind_options_set(sshbind, SSH_BIND_OPTIONS_BINDADDR, "0123456789ABCDEF0123456789ABCDEF")) ESP_LOGE("sshd", "Error en bind options set 2"); Yet, somehow I don't get an IP address, nor can I connect to the ssh server (Not even sure if it starts successfully, or it gets stuck inside the task loop) Also, i should free the string that is created in the buf, as that string is never cleared now Any input on why it might not getting the IP address?

[lukilukeskywalker]

Finally got it to work, wifi.c has to be changed to use the new esp idf netif component (Uploaded, just change extension to .c) and increase the factory size to 2 M (for example) wifi.txt

[klaus-liebler]

Hi @lukilukeskywalker

in the meanwhile I did a heavy rework on this. Especially I removed the "heavy api abuse" by using a virtual file system. My current code(untested, only compiles...) can still be found here https://github.com/klaus-liebler/espidf-ssh .

A full application using the ssh-server for OTA can be found here (btw, this project controls the awning and the lights on my terrace roof): https://github.com/klaus-liebler/sensactIO/tree/main/sensactIO_firmware/main .

Regards, Klaus

[lukilukeskywalker]

Hi @klaus-liebler Nice to see, you kept working on it. Though, it is not accesible for us mere mortals ;) Maybe you have it on a private repository? Would love to see the rework you did, Thank you very much, Lukas

[klaus-liebler]

uuups, sorry. Changed visibility to public. BTW, you need to clone the https://github.com/klaus-liebler/espidf-components repo as well, because there are the required components "libssh", "megacli" and "wifi_sta_softap".

Regards, Klaus

[j105rob]

uuups, sorry. Changed visibility to public. BTW, you need to clone the https://github.com/klaus-liebler/espidf-components repo as well, because there are the required components "libssh", "megacli" and "wifi_sta_softap".

Regards, Klaus

Klaus, Can you make the libssh, megacli and softap visible?

[klaus-liebler]

Uups, sorry. I changed various things in my computers directory structure and now, things got broken. You need to clone the https://github.com/klaus-liebler/espidf-components and you need to clone the https://github.com/klaus-liebler/espidf-components-sshconsole . Update the project itself as well. I did a quick test: it successfully compiles and I can login with root/root and call the systeminfo command. Have fun!