php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #72897 The client to server MAC algorithm list is truncated when I call ssh2_connect
Submitted: 2016-08-19 13:18 UTC Modified: 2016-08-19 13:19 UTC
Votes:4
Avg. Score:4.8 ± 0.4
Reproduced:3 of 3 (100.0%)
Same Version:1 (33.3%)
Same OS:1 (33.3%)
From: benjamin dot cohen-solal at dalenys dot com Assigned:
Status: Open Package: ssh2 (PECL)
PHP Version: 5.6.25 OS: Debian 8
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2016-08-19 13:18 UTC] benjamin dot cohen-solal at dalenys dot com
Description:
------------
When I send the following algorithm list in client to server / mac field:
hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com

I receive the error message:
ben@debian:~$ php script.php
PHP Warning:  ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in /home/ben/scriptphp on line 3
PHP Stack trace:
PHP   1. {main}() /home/ben/script.php:0
PHP   2. ssh2_connect() /home/ben/script.php:3

I successfully configured a ProFTPd server on my server on port 443 and when I check its logs, I get the following error:

2016-08-17 14:53:36,048 mod_sftp/0.9.9[9930]: no shared client-to-server MAC algorithm found (client sent 'hmcom', server sent 'hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com')

I never sent the "hmcom" value, it seems to have truncated the 2 first letters and the 3 last ones from my algorithm list: hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com because for example if I changed the ".com" into ".cot", I get the error:
2016-08-17 14:53:36,048 mod_sftp/0.9.9[9930]: no shared client-to-server MAC algorithm found (client sent 'hmcot', server sent 'hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com')

When I use the binary file sftp with shell_exec as following:
sftp -P 443 myhost.com
All is OK

---
From manual page: http://www.php.net/function.ssh2-connect
---


Test script:
---------------
<?php

ssh2_connect("myhost.com", 443, array(
    "client_to_server" => array(
      "mac" => 'hmac-sha2-256,hmac-sha2-512,umac-64@openssh.com'
    ),
  )
);


Expected result:
----------------
I don't expect any error message

Actual result:
--------------
I get the following error:

PHP Warning:  ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in /home/ben/script.php on line 3
PHP Stack trace:
PHP   1. {main}() /home/bcohen/toto.php:0
PHP   2. ssh2_connect() /home/bcohen/toto.php:3
PHP Warning:  ssh2_connect(): Unable to connect to myhost.com in /home/ben/script.php on line 3
PHP Stack trace:
PHP   1. {main}() /home/ben/script.php:0
PHP   2. ssh2_connect() /home/ben/script.php:3


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-08-19 13:19 UTC] benjamin dot cohen-solal at dalenys dot com
-Summary: The client to server MAC algorithm list is truncated +Summary: The client to server MAC algorithm list is truncated when I call ssh2_connect
 [2016-08-19 13:19 UTC] benjamin dot cohen-solal at dalenys dot com
Add precision on title
 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Fri Aug 23 08:01:26 2019 UTC