php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #57215 Received disconnect while negociating
Submitted: 2006-09-01 09:56 UTC Modified: 2012-06-20 15:26 UTC
From: neilorley at gmail dot com Assigned: langemeijer (profile)
Status: Closed Package: ssh2 (PECL)
PHP Version: 5.1.4 OS: FreeBSD 6.1-STABLE
Private report: No CVE-ID: None
 [2006-09-01 09:56 UTC] neilorley at gmail dot com
Description:
------------
I can't find the way to connect to an other FreeBSD 6.1-STABLE using PECL. While debuging the ssh I can see a 
Received disconnect from 10.200.42.2: 11: PECL/ssh2 (http://pecl.php.net/packages/ssh2) message.

PHP modules :

php5-5.1.4          PHP Scripting Language (Apache Module and CLI)
php5-bz2-5.1.4      The bz2 shared extension for php
php5-ctype-5.1.4    The ctype shared extension for php
php5-curl-5.1.4     The curl shared extension for php
php5-dba-5.1.4      The dba shared extension for php
php5-dbase-5.1.4    The dbase shared extension for php
php5-dom-5.1.4      The dom shared extension for php
php5-extensions-1.0 A "meta-port" to install PHP extensions
php5-ftp-5.1.4      The ftp shared extension for php
php5-gd-5.1.4       The gd shared extension for php
php5-gettext-5.1.4  The gettext shared extension for php
php5-iconv-5.1.4    The iconv shared extension for php
php5-mbstring-5.1.4 The mbstring shared extension for php
php5-mcrypt-5.1.4   The mcrypt shared extension for php
php5-mysql-5.1.4    The mysql shared extension for php
php5-odbc-5.1.4     The odbc shared extension for php
php5-openssl-5.1.4  The openssl shared extension for php
php5-pcre-5.1.4     The pcre shared extension for php
php5-pgsql-5.1.4    The pgsql shared extension for php
php5-posix-5.1.4    The posix shared extension for php
php5-readline-5.1.4 The readline shared extension for php
php5-session-5.1.4  The session shared extension for php
php5-simplexml-5.1.4 The simplexml shared extension for php
php5-snmp-5.1.4     The snmp shared extension for php
php5-sockets-5.1.4  The sockets shared extension for php
php5-sqlite-5.1.4   The sqlite shared extension for php
php5-tokenizer-5.1.4 The tokenizer shared extension for php
php5-xml-5.1.4      The xml shared extension for php
php5-xmlreader-5.1.4 The xmlreader shared extension for php
php5-xmlwriter-5.1.4 The xmlwriter shared extension for php
php5-zlib-5.1.4     The zlib shared extension for php

PECL Packages :

pecl-imagick-0.9.11_4 A PECL extension to manipulate images
pecl-pdflib-2.0.4   A PECL extension to create PDF on the fly
pecl-ssh2-0.10      A PECL extension to the libssh2 library

Libssh2 :

libssh2-0.14        A library implementing the SSH2 protocol


Reproduce code:
---------------
if (!($resource= ssh2_connect("217.119.179.41", 22, array('hostkey'=>'ssh-dsa')))) {
       echo "[FAILED]<br />";
       exit(1);
}

if (ssh2_auth_pubkey_file($resource, 'nor','/home/nor/.ssh/id_dsa.pub','/home/nor/.ssh/id_dsa')) {
  	echo "Authentification [OK]<br />";
} else {
  	die('[FAILED]<br />');
}

Expected result:
----------------
Getting connected to the server to use ssh2_scp_recv.

Actual result:
--------------
PHP errors :

Connexion SSH
Warning: ssh2_connect() [function.ssh2-connect]: Failed overriding HOSTKEY method in /usr/local/www/data/provisionoc/scripts/includes/XMLParser.php on line 71
Connexion SSH [OK]
Authentification
Warning: ssh2_auth_pubkey_file() [function.ssh2-auth-pubkey-file]: Authentication failed for nor using public key in /usr/local/www/data/provisionoc/scripts/includes/XMLParser.php on line 83
[FAILED]

Here you can find the ssh debug :

root@srv-ossau# /usr/sbin/sshd -ddd
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 149
debug2: parse_server_config: config /etc/ssh/sshd_config len 149
debug1: sshd version OpenSSH_4.2p1 FreeBSD-20050903
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #0 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-ddd'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: fd 5 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 149
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
debug1: res_init()
Connection from 10.200.42.2 port 50311
debug1: Client protocol version 2.0; client software version libssh2_0.14 PHP
debug1: no match: libssh2_0.14 PHP
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903
debug2: fd 3 setting O_NONBLOCK
debug2: Network child is on pid 6625
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: privsep user:group 22:22
debug1: permanently_set_uid: 22/22
debug1: list_hostkey_types: ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour,cast128-cbc,3des-cbc
debug2: kex_parse_kexinit: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour,cast128-cbc,3des-cbc
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com
debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_init: found hmac-sha1
debug1: kex: client->server aes256-cbc hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: server->client aes256-cbc hmac-sha1 none
debug2: dh_gen_key: priv key bits set: 238/512
debug2: bits set: 1050/2048
debug1: expecting SSH2_MSG_KEXDH_INIT
debug2: bits set: 1025/2048
debug3: mm_key_sign entering
debug3: mm_request_send entering: type 4
debug3: monitor_read: checking request 4
debug3: mm_answer_sign
debug3: mm_answer_sign: signature 0x2360c0(55)
debug3: mm_request_send entering: type 5
debug2: monitor_read: 4 used once, disabling now
debug3: mm_request_receive entering
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN
debug3: mm_request_receive_expect entering: type 5
debug3: mm_request_receive entering
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
Received disconnect from 10.200.42.2: 11: PECL/ssh2 (http://pecl.php.net/packages/ssh2)
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-07-20 02:29 UTC] khim dot tieu dot philippe at gmail dot com
I've got the same bug.
I think dsa method is not implemented? is'nt it?
 [2010-01-20 09:15 UTC] rebel29270 at orange dot fr
Same problem any solution ?
 [2010-01-31 01:03 UTC] narenderp at damcogroup dot com
I am using this code:

$connection = ssh2_connect('127.0.0.1', 22, 
array('hostkey'=>'ssh-dss'));

if (ssh2_auth_pubkey_file($connection, 'naren',
                          
'C:/xampp/htdocs/xampp/test/keys/public.pub',
                          
'C:/xampp/htdocs/xampp/test/keys/pvt.ppk')) {
  echo "Public Key Authentication Successful\n";
} else {
  die('Public Key Authentication Failed');
}


Getting this error:
Warning: ssh2_auth_pubkey_file() [function.ssh2-auth-pubkey-
file]: Authentication failed for naren using public key in 
C:\xampp\htdocs\xampp\test\sftp.php on line 15
Public Key Authentication Failed


Any solution?
 [2012-06-20 15:26 UTC] langemeijer@php.net
narenderp: are you using a putty ppk file as a private key? That won't work. 
Convert it to openssh format.

Cannot reproduce this issue with a recent libssh2 version.

If you still encounter this issue create a new bug report with libssh2 version 
info and provide a script to reproduce please.
 [2012-06-20 15:26 UTC] langemeijer@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: langemeijer
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Dec 21 02:01:31 2024 UTC