yebin-yu / openssh_with_ukey


Test sm2 connect #3

Closed yebin-yu closed 6 months ago

yebin-yu commented 7 months ago

sshd

┌──(root㉿yebinyu)-[/home/yebinyu/Documents/openssh_with_ukey]
└─# /home/yebinyu/Documents/openssh_with_ukey/sshd -p 10023 -D -d -oHostKeyAlgorithms=sm2 -oMacs=hmac-sm3 -oKexAlgorithms=sm2-sm3 -oCiphers=sm4-ctr            
debug1: sshd version OpenSSH_9.3, OpenSSL 3.1.5 30 Jan 2024
debug1: private host key #0: sm2 SM3:nDxyNTHpRVXkLU+zQJgNCxLCSqEwsm++Bjf1N2KA5t4
debug1: rexec_argv[0]='/home/yebinyu/Documents/openssh_with_ukey/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='10023'
debug1: rexec_argv[3]='-D'
debug1: rexec_argv[4]='-d'
debug1: rexec_argv[5]='-oHostKeyAlgorithms=sm2'
debug1: rexec_argv[6]='-oMacs=hmac-sm3'
debug1: rexec_argv[7]='-oKexAlgorithms=sm2-sm3'
debug1: rexec_argv[8]='-oCiphers=sm4-ctr'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 10023 on 0.0.0.0.
Server listening on 0.0.0.0 port 10023.
debug1: Bind to port 10023 on ::.
Server listening on :: port 10023.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: sshd version OpenSSH_9.3, OpenSSL 3.1.5 30 Jan 2024
debug1: private host key #0: sm2 SM3:nDxyNTHpRVXkLU+zQJgNCxLCSqEwsm++Bjf1N2KA5t4
debug1: inetd sockets after dupping: 3, 3
Connection from 10.211.55.6 port 54866 on 10.211.55.6 port 10023 rdomain ""
debug1: Local version string SSH-2.0-OpenSSH_9.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.3
debug1: compat_banner: match: OpenSSH_9.3 pat OpenSSH* compat 0x04000000
debug1: permanently_set_uid: 114/65534 [preauth]
debug1: list_hostkey_types: sm2 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: algorithm: sm2-sm3 [preauth]
debug1: kex: host key algorithm: sm2 [preauth]
debug1: kex: client->server cipher: sm4-ctr MAC: hmac-sm3 compression: none [preauth]
debug1: kex: server->client cipher: sm4-ctr MAC: hmac-sm3 compression: none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_KEX_ECDH_INIT received [preauth]
buffer len = 624
0000: 00 00 00 13 53 53 48 2d 32 2e 30 2d 4f 70 65 6e  ....SSH-2.0-Open
0016: 53 53 48 5f 39 2e 33 00 00 00 13 53 53 48 2d 32  SSH_9.3....SSH-2
0032: 2e 30 2d 4f 70 65 6e 53 53 48 5f 39 2e 33 00 00  .0-OpenSSH_9.3..
0048: 00 a5 14 f7 41 20 45 76 12 fe 70 59 77 dc 94 ba  ....A Ev..pYw...
0064: dc 84 a1 00 00 00 12 73 6d 32 2d 73 6d 33 2c 65  .......sm2-sm3,e
0080: 78 74 2d 69 6e 66 6f 2d 63 00 00 00 03 73 6d 32  xt-info-c....sm2
0096: 00 00 00 07 73 6d 34 2d 63 74 72 00 00 00 07 73  ....sm4-ctr....s
0112: 6d 34 2d 63 74 72 00 00 00 08 68 6d 61 63 2d 73  m4-ctr....hmac-s
0128: 6d 33 00 00 00 08 68 6d 61 63 2d 73 6d 33 00 00  m3....hmac-sm3..
0144: 00 1a 6e 6f 6e 65 2c 7a 6c 69 62 40 6f 70 65 6e  ..none,zlib@open
0160: 73 73 68 2e 63 6f 6d 2c 7a 6c 69 62 00 00 00 1a  ssh.com,zlib....
0176: 6e 6f 6e 65 2c 7a 6c 69 62 40 6f 70 65 6e 73 73  none,zlib@openss
0192: 68 2e 63 6f 6d 2c 7a 6c 69 62 00 00 00 00 00 00  h.com,zlib......
0208: 00 00 00 00 00 00 00 00 00 00 90 14 8e 9d 7c 40  ..............|@
0224: 29 4f 2c 23 66 59 fa 9f a2 13 a1 7c 00 00 00 07  )O,#fY.....|....
0240: 73 6d 32 2d 73 6d 33 00 00 00 03 73 6d 32 00 00  sm2-sm3....sm2..
0256: 00 07 73 6d 34 2d 63 74 72 00 00 00 07 73 6d 34  ..sm4-ctr....sm4
0272: 2d 63 74 72 00 00 00 08 68 6d 61 63 2d 73 6d 33  -ctr....hmac-sm3
0288: 00 00 00 08 68 6d 61 63 2d 73 6d 33 00 00 00 15  ....hmac-sm3....
0304: 6e 6f 6e 65 2c 7a 6c 69 62 40 6f 70 65 6e 73 73  none,zlib@openss
0320: 68 2e 63 6f 6d 00 00 00 15 6e 6f 6e 65 2c 7a 6c  h.com....none,zl
0336: 69 62 40 6f 70 65 6e 73 73 68 2e 63 6f 6d 00 00  ib@openssh.com..
0352: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53 00  ..............S.
0368: 00 00 03 73 6d 32 00 00 00 03 73 6d 32 00 00 00  ...sm2....sm2...
0384: 41 04 a1 c9 cd 77 6e b5 99 c0 9b d0 9d 97 84 d3  A....wn.........
0400: 73 e6 1f 5d 45 1b 71 90 53 83 3b 68 df 3b 60 23  s..]E.q.S.;h.;`#
0416: e0 e9 8f d8 aa c6 89 43 c8 49 3b 98 f4 05 00 9e  .......C.I;.....
0432: ec fc 57 fe 71 08 d4 65 0f a4 33 6e 5d 62 b5 32  ..W.q..e..3n]b.2
0448: 57 eb 00 00 00 41 04 ab 51 17 db e5 bf ac 70 9b  W....A..Q.....p.
0464: c9 d0 d8 9a c2 90 6e ab a4 b0 a7 d4 01 3b 84 5f  ......n......;._
0480: 4d 2e 9b 59 1e 5b f6 f5 89 0a cb 7c 6f af 21 62  M..Y.[.....|o.!b
0496: 31 60 b1 d4 68 a0 5b 55 7e 58 03 15 28 60 d4 65  1`..h.[U~X..(`.e
0512: 11 ab 61 0b 4c d3 8d 00 00 00 41 04 9c 3a e5 31  ..a.L.....A..:.1
0528: 24 05 9b 4c 41 24 3a ce ba 7f 35 3d c8 c6 9e 6b  $..LA$:...5=...k
0544: 83 56 29 38 94 87 3c f1 d0 77 35 65 40 3e 45 50  .V)8..<..w5e@>EP
0560: 11 e6 c1 69 4c 21 fc 98 bb 65 3f 87 b1 eb bc e8  ...iL!...e?.....
0576: 67 48 9b 63 76 24 84 eb cb 08 70 3d 00 00 00 20  gH.cv$....p=... 
0592: 26 27 65 93 f2 72 1e 54 d0 3a e5 90 56 12 16 ca  &'e..r.T.:..V...
0608: 99 a1 04 ed fb 58 c6 05 ec a0 15 03 90 64 1e 75  .....X.......d.u
hash
0000: b9 f2 ae 0a 18 a7 9f 3c 27 5d 80 5e 8d dc 54 c7  .......<'].^..T.
0016: c2 4f 05 c4 d0 3b 5e ef 25 dd 10 84 a7 e7 b3 fb  .O...;^.%.......
key 'A'== key
0000: bd 00 3b c2 24 e9 a5 7d f7 2e 17 05 be 46 48 41  ..;.$..}.....FHA
0016: 6e ae 5c 61 bf 6d da da c3 ed 87 4a e0 04 c0 fa  n.\a.m.....J....
key 'B'== key
0000: 9b ba 95 da e9 a8 98 52 e4 2e 17 52 1e a0 71 1a  .......R...R..q.
0016: 09 55 f9 aa 5d 9e 2e 49 82 08 05 a2 ff 8f 8f 28  .U..]..I.......(
key 'C'== key
0000: 88 bb 1d 01 70 95 9d b0 86 e1 af 21 eb b7 d8 66  ....p......!...f
0016: 8f 10 3c 0d 44 ac 3f 0d 83 76 5f b3 d6 ba ef fc  ..<.D.?..v_.....
key 'D'== key
0000: e0 ac fc a5 69 97 9e e4 e8 40 42 35 1d 5b 47 fc  ....i....@B5.[G.
0016: da 53 2d e2 8e 6c 6c b4 e4 9a fe a3 4b 5e c4 5c  .S-..ll.....K^.\
key 'E'== key
0000: 90 5c fc 66 9d a0 15 19 4c 21 71 7e 7c d2 95 4e  .\.f....L!q~|..N
0016: 15 b6 64 e0 76 61 8e 5c 2c cb f9 f1 60 42 bb f2  ..d.va.\,...`B..
key 'F'== key
0000: b8 fe 82 92 1f 86 bc d7 ac ad e0 57 e0 fb f9 fe  ...........W....
0016: d2 ab ee d2 d6 0a 20 da 57 a7 e9 fa 3e 42 96 eb  ...... .W...>B..
debug1: rekey out after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: Sending SSH2_MSG_EXT_INFO [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: rekey in after 4294967296 blocks [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user root service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: userauth-request for user root service ssh-connection method keyboard-interactive [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: keyboard-interactive devs  [preauth]
debug1: auth2_challenge: user=root devs= [preauth]
debug1: kbdint_alloc: devices '' [preauth]
debug1: userauth-request for user root service ssh-connection method password [preauth]
debug1: attempt 2 failures 1 [preauth]
Accepted password for root from 10.211.55.6 port 54866 ssh2
debug1: monitor_child_preauth: user root authenticated by privileged process
debug1: monitor_read_log: child log fd closed
debug1: rekey in after 4294967296 blocks
debug1: rekey out after 4294967296 blocks
debug1: ssh_packet_set_postauth: called
debug1: active: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch
debug1: server_input_channel_open: ctype session rchan 0 win 1048576 max 16384
debug1: input_session_request
debug1: channel 0: new session [server-session] (inactive timeout: 0)
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_global_request: rtype no-more-sessions@openssh.com want_reply 0
debug1: server_input_channel_req: channel 0 request pty-req reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/pts/2
debug1: server_input_channel_req: channel 0 request env reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req env
debug1: server_input_channel_req: channel 0 request shell reply 1
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pts/2 for root from 10.211.55.6 port 54866 id 0
debug1: Setting controlling tty using TIOCSCTTY.
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 55614
debug1: session_exit_message: session 0 channel 0 pid 55614
debug1: session_exit_message: release channel 0
debug1: session_pty_cleanup2: session 0 release /dev/pts/2
Received disconnect from 10.211.55.6 port 54866:11: disconnected by user
Disconnected from user root 10.211.55.6 port 54866
debug1: do_cleanup
.11 -oHostKeyAlgorithms=sm2 -mMacs=hmac-sm3 -oKexAlgorithms=sm2-sm3 -oCiphers=sm4-ctr -vvv -i ~/

ssh

┌──(root㉿yebinyu)-[/home/yebinyu/Documents/openssh_with_ukey]
└─# ./ssh -p 10023 root@10.211.55.6 -oHostKeyAlgorithms=sm2 -oMacs=hmac-sm3 -oKexAlgorithms=sm2-sm3 -oCiphers=sm4-ctr -vvv -i ~/
OpenSSH_9.3p1, OpenSSL 3.1.5 30 Jan 2024
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
/etc/ssh/ssh_config line 53: Unsupported option "gssapiauthentication"
debug2: resolve_canonicalize: hostname 10.211.55.6 is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/root/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/root/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.211.55.6 [10.211.55.6] port 10023.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: Connection established.
debug1: identity file /root/ type -1
debug1: identity file /root/-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_9.3
debug1: compat_banner: match: OpenSSH_9.3 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.211.55.6:10023 as 'root'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: sm2-sm3,ext-info-c
debug2: host key algorithms: sm2
debug2: ciphers ctos: sm4-ctr
debug2: ciphers stoc: sm4-ctr
debug2: MACs ctos: hmac-sm3
debug2: MACs stoc: hmac-sm3
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: sm2-sm3
debug2: host key algorithms: sm2
debug2: ciphers ctos: sm4-ctr
debug2: ciphers stoc: sm4-ctr
debug2: MACs ctos: hmac-sm3
debug2: MACs stoc: hmac-sm3
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: sm2-sm3
debug1: kex: host key algorithm: sm2
debug1: kex: server->client cipher: sm4-ctr MAC: hmac-sm3 compression: none
debug1: kex: client->server cipher: sm4-ctr MAC: hmac-sm3 compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: sm2 SHA256:r1heTj7IhqtqgKMO8Etx8Bp5rT+LaiItDPhifLaCLEk
debug3: put_host_port: [10.211.55.6]:10023
debug3: put_host_port: [10.211.55.6]:10023
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: checking without port identifier
debug1: load_hostkeys: fopen /root/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: hostkeys_find_by_key_hostfile: trying user hostfile "/root/.ssh/known_hosts"
debug1: hostkeys_find_by_key_hostfile: hostkeys file /root/.ssh/known_hosts does not exist
debug3: hostkeys_find_by_key_hostfile: trying user hostfile "/root/.ssh/known_hosts2"
debug1: hostkeys_find_by_key_hostfile: hostkeys file /root/.ssh/known_hosts2 does not exist
debug3: hostkeys_find_by_key_hostfile: trying system hostfile "/etc/ssh/ssh_known_hosts"
debug1: hostkeys_find_by_key_hostfile: hostkeys file /etc/ssh/ssh_known_hosts does not exist
debug3: hostkeys_find_by_key_hostfile: trying system hostfile "/etc/ssh/ssh_known_hosts2"
debug1: hostkeys_find_by_key_hostfile: hostkeys file /etc/ssh/ssh_known_hosts2 does not exist
The authenticity of host '[10.211.55.6]:10023 ([10.211.55.6]:10023)' can't be established.
SM2 key fingerprint is SHA256:r1heTj7IhqtqgKMO8Etx8Bp5rT+LaiItDPhifLaCLEk.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[10.211.55.6]:10023' (SM2) to the list of known hosts.
buffer len = 624
0000: 00 00 00 13 53 53 48 2d 32 2e 30 2d 4f 70 65 6e  ....SSH-2.0-Open
0016: 53 53 48 5f 39 2e 33 00 00 00 13 53 53 48 2d 32  SSH_9.3....SSH-2
0032: 2e 30 2d 4f 70 65 6e 53 53 48 5f 39 2e 33 00 00  .0-OpenSSH_9.3..
0048: 00 a5 14 f7 41 20 45 76 12 fe 70 59 77 dc 94 ba  ....A Ev..pYw...
0064: dc 84 a1 00 00 00 12 73 6d 32 2d 73 6d 33 2c 65  .......sm2-sm3,e
0080: 78 74 2d 69 6e 66 6f 2d 63 00 00 00 03 73 6d 32  xt-info-c....sm2
0096: 00 00 00 07 73 6d 34 2d 63 74 72 00 00 00 07 73  ....sm4-ctr....s
0112: 6d 34 2d 63 74 72 00 00 00 08 68 6d 61 63 2d 73  m4-ctr....hmac-s
0128: 6d 33 00 00 00 08 68 6d 61 63 2d 73 6d 33 00 00  m3....hmac-sm3..
0144: 00 1a 6e 6f 6e 65 2c 7a 6c 69 62 40 6f 70 65 6e  ..none,zlib@open
0160: 73 73 68 2e 63 6f 6d 2c 7a 6c 69 62 00 00 00 1a  ssh.com,zlib....
0176: 6e 6f 6e 65 2c 7a 6c 69 62 40 6f 70 65 6e 73 73  none,zlib@openss
0192: 68 2e 63 6f 6d 2c 7a 6c 69 62 00 00 00 00 00 00  h.com,zlib......
0208: 00 00 00 00 00 00 00 00 00 00 90 14 8e 9d 7c 40  ..............|@
0224: 29 4f 2c 23 66 59 fa 9f a2 13 a1 7c 00 00 00 07  )O,#fY.....|....
0240: 73 6d 32 2d 73 6d 33 00 00 00 03 73 6d 32 00 00  sm2-sm3....sm2..
0256: 00 07 73 6d 34 2d 63 74 72 00 00 00 07 73 6d 34  ..sm4-ctr....sm4
0272: 2d 63 74 72 00 00 00 08 68 6d 61 63 2d 73 6d 33  -ctr....hmac-sm3
0288: 00 00 00 08 68 6d 61 63 2d 73 6d 33 00 00 00 15  ....hmac-sm3....
0304: 6e 6f 6e 65 2c 7a 6c 69 62 40 6f 70 65 6e 73 73  none,zlib@openss
0320: 68 2e 63 6f 6d 00 00 00 15 6e 6f 6e 65 2c 7a 6c  h.com....none,zl
0336: 69 62 40 6f 70 65 6e 73 73 68 2e 63 6f 6d 00 00  ib@openssh.com..
0352: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 53 00  ..............S.
0368: 00 00 03 73 6d 32 00 00 00 03 73 6d 32 00 00 00  ...sm2....sm2...
0384: 41 04 a1 c9 cd 77 6e b5 99 c0 9b d0 9d 97 84 d3  A....wn.........
0400: 73 e6 1f 5d 45 1b 71 90 53 83 3b 68 df 3b 60 23  s..]E.q.S.;h.;`#
0416: e0 e9 8f d8 aa c6 89 43 c8 49 3b 98 f4 05 00 9e  .......C.I;.....
0432: ec fc 57 fe 71 08 d4 65 0f a4 33 6e 5d 62 b5 32  ..W.q..e..3n]b.2
0448: 57 eb 00 00 00 41 04 ab 51 17 db e5 bf ac 70 9b  W....A..Q.....p.
0464: c9 d0 d8 9a c2 90 6e ab a4 b0 a7 d4 01 3b 84 5f  ......n......;._
0480: 4d 2e 9b 59 1e 5b f6 f5 89 0a cb 7c 6f af 21 62  M..Y.[.....|o.!b
0496: 31 60 b1 d4 68 a0 5b 55 7e 58 03 15 28 60 d4 65  1`..h.[U~X..(`.e
0512: 11 ab 61 0b 4c d3 8d 00 00 00 41 04 9c 3a e5 31  ..a.L.....A..:.1
0528: 24 05 9b 4c 41 24 3a ce ba 7f 35 3d c8 c6 9e 6b  $..LA$:...5=...k
0544: 83 56 29 38 94 87 3c f1 d0 77 35 65 40 3e 45 50  .V)8..<..w5e@>EP
0560: 11 e6 c1 69 4c 21 fc 98 bb 65 3f 87 b1 eb bc e8  ...iL!...e?.....
0576: 67 48 9b 63 76 24 84 eb cb 08 70 3d 00 00 00 20  gH.cv$....p=... 
0592: 26 27 65 93 f2 72 1e 54 d0 3a e5 90 56 12 16 ca  &'e..r.T.:..V...
0608: 99 a1 04 ed fb 58 c6 05 ec a0 15 03 90 64 1e 75  .....X.......d.u
hash
0000: b9 f2 ae 0a 18 a7 9f 3c 27 5d 80 5e 8d dc 54 c7  .......<'].^..T.
0016: c2 4f 05 c4 d0 3b 5e ef 25 dd 10 84 a7 e7 b3 fb  .O...;^.%.......
key 'A'== key
0000: bd 00 3b c2 24 e9 a5 7d f7 2e 17 05 be 46 48 41  ..;.$..}.....FHA
0016: 6e ae 5c 61 bf 6d da da c3 ed 87 4a e0 04 c0 fa  n.\a.m.....J....
key 'B'== key
0000: 9b ba 95 da e9 a8 98 52 e4 2e 17 52 1e a0 71 1a  .......R...R..q.
0016: 09 55 f9 aa 5d 9e 2e 49 82 08 05 a2 ff 8f 8f 28  .U..]..I.......(
key 'C'== key
0000: 88 bb 1d 01 70 95 9d b0 86 e1 af 21 eb b7 d8 66  ....p......!...f
0016: 8f 10 3c 0d 44 ac 3f 0d 83 76 5f b3 d6 ba ef fc  ..<.D.?..v_.....
key 'D'== key
0000: e0 ac fc a5 69 97 9e e4 e8 40 42 35 1d 5b 47 fc  ....i....@B5.[G.
0016: da 53 2d e2 8e 6c 6c b4 e4 9a fe a3 4b 5e c4 5c  .S-..ll.....K^.\
key 'E'== key
0000: 90 5c fc 66 9d a0 15 19 4c 21 71 7e 7c d2 95 4e  .\.f....L!q~|..N
0016: 15 b6 64 e0 76 61 8e 5c 2c cb f9 f1 60 42 bb f2  ..d.va.\,...`B..
key 'F'== key
0000: b8 fe 82 92 1f 86 bc d7 ac ad e0 57 e0 fb f9 fe  ...........W....
0016: d2 ab ee d2 d6 0a 20 da 57 a7 e9 fa 3e 42 96 eb  ...... .W...>B..
debug3: send packet: type 21
debug2: ssh_set_newkeys: mode 1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: ssh_set_newkeys: mode 0
debug1: rekey in after 4294967296 blocks
debug3: ssh_get_authentication_socket_path: path '/tmp/ssh-HrWLMcShTPak/agent.879'
debug2: get_agent_identities: ssh_agent_bind_hostkey: agent refused operation
debug1: get_agent_identities: ssh_fetch_identitylist: agent contains no identities
debug1: Will attempt key: /root/  explicit
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com,ssh-dss,ssh-rsa,rsa-sha2-256,rsa-sha2-512,sm2>
debug1: kex_input_ext_info: publickey-hostbound@openssh.com=<0>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0777 for '/root/' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/root/": bad permissions
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: 
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@10.211.55.6's password: 
debug3: send packet: type 50
debug2: we sent a password packet, wait for reply
debug3: receive packet: type 52
Authenticated to 10.211.55.6 ([10.211.55.6]:10023) using "password".
debug1: channel 0: new session [client-session] (inactive timeout: 0)
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: filesystem
debug3: client_repledge: enter
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug3: client_input_hostkeys: received SM2 key SHA256:r1heTj7IhqtqgKMO8Etx8Bp5rT+LaiItDPhifLaCLEk
debug3: put_host_port: [10.211.55.6]:10023
debug1: client_input_hostkeys: searching /root/.ssh/known_hosts for [10.211.55.6]:10023 / (none)
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: hostkeys_find: found sm2 key at /root/.ssh/known_hosts:1
debug1: client_input_hostkeys: searching /root/.ssh/known_hosts2 for [10.211.55.6]:10023 / (none)
debug1: client_input_hostkeys: hostkeys file /root/.ssh/known_hosts2 does not exist
debug3: client_input_hostkeys: 1 server keys: 0 new, 1 retained, 0 incomplete match. 0 to remove
debug1: client_input_hostkeys: no new or deprecated keys from server
debug3: client_repledge: enter
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug1: Sending environment.
debug3: Ignored env COLORFGBG
debug3: Ignored env COLORTERM
debug3: Ignored env COMMAND_NOT_FOUND_INSTALL_PROMPT
debug3: Ignored env DBUS_SESSION_BUS_ADDRESS
debug3: Ignored env DESKTOP_SESSION
debug3: Ignored env DISPLAY
debug3: Ignored env DOTNET_CLI_TELEMETRY_OPTOUT
debug3: Ignored env GDMSESSION
debug3: Ignored env GTK_MODULES
debug3: Ignored env HOME
debug1: channel 0: setting env LANG = "C.UTF-8"
debug2: channel 0: request env confirm 0
debug3: send packet: type 98
debug3: Ignored env LANGUAGE
debug3: Ignored env LOGNAME
debug3: Ignored env PANEL_GDK_CORE_DEVICE_EVENTS
debug3: Ignored env PATH
debug3: Ignored env POWERSHELL_TELEMETRY_OPTOUT
debug3: Ignored env POWERSHELL_UPDATECHECK
debug3: Ignored env PWD
debug3: Ignored env QT_ACCESSIBILITY
debug3: Ignored env QT_AUTO_SCREEN_SCALE_FACTOR
debug3: Ignored env QT_QPA_PLATFORMTHEME
debug3: Ignored env SESSION_MANAGER
debug3: Ignored env SHELL
debug3: Ignored env SSH_AGENT_PID
debug3: Ignored env SSH_AUTH_SOCK
debug3: Ignored env TERM
debug3: Ignored env USER
debug3: Ignored env WINDOWID
debug3: Ignored env XAUTHORITY
debug3: Ignored env XDG_CONFIG_DIRS
debug3: Ignored env XDG_CURRENT_DESKTOP
debug3: Ignored env XDG_DATA_DIRS
debug3: Ignored env XDG_GREETER_DATA_DIR
debug3: Ignored env XDG_MENU_PREFIX
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env XDG_SEAT
debug3: Ignored env XDG_SEAT_PATH
debug3: Ignored env XDG_SESSION_CLASS
debug3: Ignored env XDG_SESSION_DESKTOP
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env XDG_SESSION_PATH
debug3: Ignored env XDG_SESSION_TYPE
debug3: Ignored env XDG_VTNR
debug3: Ignored env _JAVA_OPTIONS
debug3: Ignored env SHLVL
debug3: Ignored env OLDPWD
debug3: Ignored env LS_COLORS
debug3: Ignored env LESS_TERMCAP_mb
debug3: Ignored env LESS_TERMCAP_md
debug3: Ignored env LESS_TERMCAP_me
debug3: Ignored env LESS_TERMCAP_so
debug3: Ignored env LESS_TERMCAP_se
debug3: Ignored env LESS_TERMCAP_us
debug3: Ignored env LESS_TERMCAP_ue
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug3: client_repledge: enter
debug1: pledge: fork
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
debug1: permanently_set_uid: 0/0
Environment:
  LANG=C.UTF-8
  USER=root
  LOGNAME=root
  HOME=/root
  PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
  MAIL=/var/mail/root
  SHELL=/usr/bin/zsh
  TERM=xterm-256color
  SSH_CLIENT=10.211.55.6 54866 10023
  SSH_CONNECTION=10.211.55.6 54866 10.211.55.6 10023
  SSH_TTY=/dev/pts/2
┌──(root㉿yebinyu)-[~]
└─# 
debug3: receive packet: type 96
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: chan_shutdown_write: channel 0: (i0 o1 sock -1 wfd 5 efd 6 [write])
debug2: channel 0: output drain -> closed
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: chan_shutdown_read: channel 0: (i0 o3 sock -1 wfd 4 efd 6 [write])
debug2: channel 0: input open -> closed
debug3: receive packet: type 97
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug3: send packet: type 97
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 [session] r0 i3/0 o3/0 e[write]/0 fd -1/-1/6 sock -1 cc -1 io 0x00/0x00)

debug3: send packet: type 1
Connection to 10.211.55.6 closed.
Transferred: sent 1168, received 2480 bytes, in 8.4 seconds
Bytes per second: sent 139.7, received 296.6
debug1: Exit status 0

┌──(root㉿yebinyu)-[/home/yebinyu/Documents/openssh_with_ukey]

config

#   $OpenBSD: sshd_config,v 1.98 2016/02/17 05:29:04 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# The default requires explicit activation of protocol 1
#Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
# The only active host key is the SM2 key below. It is read from root's
# personal ~/.ssh directory, not from a system host-key location such as
# /etc/ssh.
# NOTE(review): this looks like a test setup - on a deployed server keep the
# host private key apart from user keys and readable by root only.
HostKey /root/.ssh/id_sm2
#HostKey /usr/local/etc/ssh/id_sm2_vrp
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /usr/local/etc/ssh/id_ecdsa
#HostKey /usr/local/etc/ssh/id_ecdsa2
#HostKey /etc/ssh/ssh_host_ed25519_key

# Minimum accepted size of the DH parameter p. By default this is set to 1024
# to maintain compatibility with RFC4419, but should be set higher.
# Upstream default is identical to setting this to 2048.
#KexDHMin 1024

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Ciphers and keying
#RekeyLimit default none

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
# Root may log in directly with any enabled authentication method.
# PasswordAuthentication is left at its commented default (yes) further down,
# so this includes password login for root. "prohibit-password" would keep
# root login key-only.
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
# User public-key authentication is enabled; the key types it accepts are
# narrowed by PubkeyAcceptedKeyTypes at the end of this file.
PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile  .ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
# X11 forwarding is switched on here (the upstream default is "no").
# NOTE(review): nothing else in this file depends on it - leave it off unless
# sessions actually need forwarded X11 clients.
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation sandbox
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
#UseTCPWrappers yes

# no default banner path
#Banner none

# override default of no subsystems
Subsystem   sftp    /usr/lib/ssh/sftp-server

# This enables accepting locale environment variables LC_* LANG, see sshd_config(5).
# Only the variables named here are accepted from the client; the list is
# limited to locale settings.
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL

# Example of overriding settings on a per-user basis
#Match User anoncvs
#   X11Forwarding no
#   AllowTcpForwarding no
#   PermitTTY no
#   ForceCommand cvs server
# Algorithm preferences. These lines sit directly after the commented-out
# Match example above; they are global settings only while that Match line
# stays commented.
#
# Each list puts the SM entry first (hmac-sm3, sm2, sm2-sm3, sm4-ctr).
# NOTE(review): these names are presumably provided by this patched build -
# they are not upstream OpenSSH algorithm names.
#
# Every list still offers non-SM fallbacks, so a peer that does not ask for
# the SM suite negotiates one of the others. The fallbacks include SHA-1 based
# entries (hmac-sha1, hmac-sha1-etm@openssh.com, ssh-rsa) and the 64-bit-tag
# umac-64 variants; trim the lists if only the SM suite, or only current
# algorithms, should be negotiable.
MACs hmac-sm3,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
HostKeyAlgorithms sm2,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
KexAlgorithms  sm2-sm3,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
Ciphers sm4-ctr,chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
# Only sm2 keys are accepted for user public-key authentication. Newer OpenSSH
# releases call this option PubkeyAcceptedAlgorithms and keep this spelling as
# an alias.
PubkeyAcceptedKeyTypes sm2
# NOTE(review): upstream OpenSSH accepts md5 and sha256 here; sm3 is
# presumably a value added by this build.
FingerprintHash sm3
yebin-yu commented 7 months ago
# Common build variables.
#
# All assignments use recursive `=`, so each value is re-expanded wherever it
# is referenced. Of the variables below, the rules in this file reference only
# CC, RM, LINKFLAGS, OBJSMAIN and MAIN; the rest (CFLAGS, LDSO, AR, ...) are
# defined but not used by those rules.

VER          = 
OFFSET       = 
CC           = gcc
LD           = ld
LDSO         = $(CC) -shared -nostartfiles
CFLAGS       = -fPIC -shared $(OFFSET) -O2
LINKFLAGS    = -lpthread -lz
MKDIR        = mkdir -p
RM           = rm -f
CP           = cp -fp
ECHO         = echo
FIND         = find
MV           = mv -f
LN           = ln -s
AR           = ar -r
ARFLAGS      = rv
DEBUG        = 

# NOTE(review): this plain `=` replaces the LINKFLAGS value set above, so
# -lpthread and -lz are not passed to the link step; use `+=` if both the
# system libraries and the vendor library are wanted.
# The vendor library is named by a relative path (../), so which file gets
# linked depends on the directory the build runs from - TODO confirm where
# libgm3000.1.0.so comes from and check its integrity before linking.
LINKFLAGS = ../libgm3000.1.0.so

# Object list and name of the test executable built by the rules below.
OBJSMAIN    = main.o
MAIN    = longmai

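# Compile all
#
# `all` and `clean` are commands, not files; declaring them phony keeps a
# stray file named `all` or `clean` from silently disabling them.
.PHONY: all clean

all: $(MAIN)

# Link the test executable from its objects. $(LINKFLAGS) supplies the
# libraries to link against. Recipe lines must start with a hard TAB.
$(MAIN): $(OBJSMAIN)
	$(RM) $@
	$(CC) -o $@ $(OBJSMAIN) $(LINKFLAGS)

# Remove build products created by this Makefile (objects and the executable).
clean:
	$(RM) *.o $(MAIN)

# Compile the source code
#
# `$<` is the first prerequisite, i.e. the source file. `$?` expands to the
# prerequisites newer than the target, which is not the same thing once a
# rule has more than one prerequisite (for example an added header).

%.o: %.c
	$(CC) -g -c -o $@ $<

# NOTE(review): C++ sources are compiled with $(CC), as in the original; the
# link step above also uses $(CC), so C++ objects would need the C++ runtime
# added to the link - confirm whether any .cpp sources exist.
%.o: %.cpp
	$(CC) -c -o $@ $<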