Help with SSH Jumphost #182

Open
talk2drys opened this issue Sep 14, 2023 · 7 comments
@talk2drys
I am trying to connect to an SSH server using another server as a jump host, but I have not been able to figure it out. I wanted to see if I could get some hint or example as to what I could be doing wrong.

Here is my full code:

mod actor;

use russh::client as client_lib;
use std::sync::Arc;
use async_trait::async_trait;
use russh::{client, ChannelId};
use russh_keys::key::PublicKey;


#[actix_rt::main]
async fn main() {
    let config = client_lib::Config::default();

    let jumphost = "172.17.181.25";
    let jumphost_port = 22;
    let jumphost_username = "username";
    let jumphost_password = "password";

    let client = SshClient {
        host: "172.17.181.27",
        port: 22,
        username: "username",
        password: "password",
    };

    let custom_config = Arc::new(config);
    let mut jumphost_session = client_lib::connect(
        custom_config.clone(),
        (jumphost, jumphost_port),
        client.clone(),
    )
    .await
    .unwrap();

    if jumphost_session
        .authenticate_password(jumphost_username, jumphost_password)
        .await
        .unwrap()
    {
        let channel_stream = jumphost_session
            .channel_open_direct_tcpip(client.host, client.port as u32, "127.0.0.1", 0)
            .await
            .unwrap()
            .into_stream();

        let mut ts =
            client_lib::connect_stream(custom_config.clone(), channel_stream, client.clone())
                .await;

        let mut target_session = ts.unwrap();    // <= Disconnect error occurred here

        let is_authenticated = target_session
            .authenticate_password(client.username, client.password)
            .await
            .unwrap();

        if is_authenticated {
            let mut channel = target_session.channel_open_session().await.unwrap();
            channel
                .request_pty(true, "xterm", 200, 200, 200, 200, &[])
                .await
                .unwrap();
            channel.request_shell(true).await.unwrap();
            channel.data(&b"ls -ls\n"[..]).await.unwrap();
        }

        // loop {
        //     if let Some(msg) = channel.wait().await {
        //     match msg {
        //         ChannelMsg::Eof => {
        //             println!("Server closed connection");
        //             std::process::exit(0);
        //         }
        //         ChannelMsg::Success => println!("Something was successfull"),
        //         ChannelMsg::Data { data } => println!("{:?}", data),
        //         ChannelMsg::Open {
        //             id,
        //             max_packet_size,
        //             window_size,
        //         } => {
        //             println!("ID: {id}, PACKET_SIZE: {max_packet_size}, WINDOW_SIZE: {window_size}")
        //         }
        //         ChannelMsg::Exec {
        //             want_reply,
        //             command,
        //         } => println!("{:?}:::{:?}", want_reply, command),
        //         ChannelMsg::ExtendedData { data, ext } => println!("{:?} {:?}", data, ext),
        //         ChannelMsg::Failure => println!("Failure"),
        //         ChannelMsg::ExitStatus { exit_status } => println!("{:?}", exit_status),
        //         ChannelMsg::Close => println!("close returned"),
        //
        //         _ => println!("Something Else"),
        //     }
        //         dbg!(msg);
        //     }
        // }
    }
}




#[derive(Debug, Clone)]
pub struct SshClient<'client> {
    pub host: &'client str,
    pub port: u16,
    pub username: &'client str,
    pub password: &'client str,
}

#[async_trait]
impl<'client> client::Handler for SshClient<'client> {
    type Error = anyhow::Error;

    async fn check_server_key(
        self,
        server_public_key: &PublicKey,
    ) -> Result<(Self, bool), Self::Error> {
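        println!("check server public key {:?}", server_public_key);
        // Accepts every host key without verification; this handler is used
        // for both the jump host and the target connection.
        Ok((self, true))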
    }

    async fn data(
        self,
        channel: ChannelId,
        data: &[u8],
        session: client::Session,
    ) -> Result<(Self, client::Session), Self::Error> {
        println!(
            "data on channel {:?}: {:?}",
            channel,
            String::from_utf8_lossy(data)
        );
        Ok((self, session))
    }
}

Here is the complete output I get:

/home/user/Development/learning/rust/learn_ssh/target/debug/learn_ssh
check server public key Ed25519(PublicKey(CompressedEdwardsY: [35, 56, 108, 175, 224, 8, 99, 157, 102, 61, 119, 255, 169, 228, 68, 113, 138, 84, 167, 146, 179, 137, 106, 184, 142, 22, 151, 15, 178, 211, 54, 25]), EdwardsPoint{
        X: FieldElement51([1630537806071078, 648316631189368, 793242739809564, 1818755964497301, 2232763494220464]),
        Y: FieldElement51([854186038933539, 1477670205182892, 735926167081874, 922886286399945, 443572329445745]),
        Z: FieldElement51([1, 0, 0, 0, 0]),
        T: FieldElement51([1505040704566283, 1894851419557823, 1376022236302954, 2064758804968182, 1505568779901593])
}))
data on channel ChannelId(2): "SSH-2.0-OpenSSH_8.0\r\n"
data on channel ChannelId(2): "\0\0\u{4}\u{14}\u{5}\u{14}V(#\u{e}\u{1a}k\u{2}\u{4}\u{1a}��倿��\0\0\u{1}%curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nist521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1\0\0\0Arsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519\0\0\[email protected],[email protected],aes256-ctr,aes256-cbc,[email protected],aes128-ctr,aes128-cbc\0\0\[email protected],[email protected],aes256-ctr,aes256-cbc,[email protected],aes128-ctr,aes128-cbc\0\0\0�[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha1,[email protected],hmac-sha2-512\0\0\0�[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha1,[email protected],hmac-sha2-512\0\0\0\u{15}none,[email protected]\0\0\0\u{15}none,[email protected]\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Disconnected', src/main.rs:52:37
stack backtrace:
   0: rust_begin_unwind
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/std/src/panicking.rs:593:5
   1: core::panicking::panic_fmt
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/panicking.rs:67:14
   2: core::result::unwrap_failed
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/result.rs:1651:5
   3: core::result::Result<T,E>::unwrap
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/result.rs:1076:23
   4: learn_ssh::main::{{closure}}
             at ./src/main.rs:52:34
   5: <tokio::task::local::RunUntil<T> as core::future::future::Future>::poll::{{closure}}
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/task/local.rs:923:42
   6: tokio::task::local::LocalSet::with::{{closure}}
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/task/local.rs:684:13
   7: std::thread::local::LocalKey<T>::try_with
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/std/src/thread/local.rs:270:16
   8: std::thread::local::LocalKey<T>::with
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/std/src/thread/local.rs:246:9
   9: tokio::task::local::LocalSet::with
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/task/local.rs:667:9
  10: <tokio::task::local::RunUntil<T> as core::future::future::Future>::poll
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/task/local.rs:913:9
  11: tokio::task::local::LocalSet::run_until::{{closure}}
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/task/local.rs:573:19
  12: <core::pin::Pin<P> as core::future::future::Future>::poll
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/future/future.rs:125:9
  13: tokio::runtime::scheduler::current_thread::CoreGuard::block_on::{{closure}}::{{closure}}::{{closure}}
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:541:57
  14: tokio::runtime::coop::with_budget
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/coop.rs:107:5
  15: tokio::runtime::coop::budget
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/coop.rs:73:5
  16: tokio::runtime::scheduler::current_thread::CoreGuard::block_on::{{closure}}::{{closure}}
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:541:25
  17: tokio::runtime::scheduler::current_thread::Context::enter
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:350:19
  18: tokio::runtime::scheduler::current_thread::CoreGuard::block_on::{{closure}}
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:540:36
  19: tokio::runtime::scheduler::current_thread::CoreGuard::enter::{{closure}}
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:615:57
  20: tokio::macros::scoped_tls::ScopedKey<T>::set
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/macros/scoped_tls.rs:61:9
  21: tokio::runtime::scheduler::current_thread::CoreGuard::enter
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:615:27
  22: tokio::runtime::scheduler::current_thread::CoreGuard::block_on
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:530:19
  23: tokio::runtime::scheduler::current_thread::CurrentThread::block_on
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/scheduler/current_thread.rs:154:24
  24: tokio::runtime::runtime::Runtime::block_on
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/runtime/runtime.rs:302:47
  25: tokio::task::local::LocalSet::block_on
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.26.0/src/task/local.rs:534:9
  26: actix_rt::runtime::Runtime::block_on
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-rt-2.8.0/src/runtime.rs:82:9
  27: actix_rt::system::SystemRunner::block_on
             at /home/blackdante/.local/share/cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-rt-2.8.0/src/system.rs:210:9
  28: learn_ssh::main
             at ./src/main.rs:12:1
  29: core::ops::function::FnOnce::call_once
             at /rustc/8ede3aae28fe6e4d52b38157d7bfe0d3bceef225/library/core/src/ops/function.rs:250:5
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
@talk2drys
Author

talk2drys commented Sep 15, 2023

more debug info

from ssh server

[root@server ~]# /usr/sbin/sshd -p 2222 -D -ddd -e
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 734
debug2: parse_server_config_depth: config /etc/ssh/sshd_config len 734
debug3: /etc/ssh/sshd_config:22 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: /etc/ssh/sshd_config:23 setting HostKey /etc/ssh/ssh_host_ecdsa_key
debug3: /etc/ssh/sshd_config:24 setting HostKey /etc/ssh/ssh_host_ed25519_key
debug3: /etc/ssh/sshd_config:37 setting SyslogFacility AUTHPRIV
debug3: /etc/ssh/sshd_config:43 setting PermitRootLogin yes
debug3: /etc/ssh/sshd_config:52 setting AuthorizedKeysFile .ssh/authorized_keys
debug3: /etc/ssh/sshd_config:70 setting PasswordAuthentication yes
debug3: /etc/ssh/sshd_config:74 setting ChallengeResponseAuthentication no
debug3: /etc/ssh/sshd_config:84 setting GSSAPIAuthentication yes
debug3: /etc/ssh/sshd_config:85 setting GSSAPICleanupCredentials no
debug3: /etc/ssh/sshd_config:101 setting UsePAM yes
debug3: /etc/ssh/sshd_config:106 setting X11Forwarding yes
debug3: /etc/ssh/sshd_config:113 setting PrintMotd no
debug3: /etc/ssh/sshd_config:132 setting AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
debug3: /etc/ssh/sshd_config:133 setting AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
debug3: /etc/ssh/sshd_config:134 setting AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
debug3: /etc/ssh/sshd_config:135 setting AcceptEnv XMODIFIERS
debug3: /etc/ssh/sshd_config:138 setting Subsystem sftp /usr/libexec/openssh/sftp-server
debug1: sshd version OpenSSH_8.0, OpenSSL 1.1.1k  FIPS 25 Mar 2021
debug1: private host key #0: ssh-rsa SHA256:gCxchYALrAgD5D57biUHoAUg3aaAs1tPqRpp5VXoMaU
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:/ATX90FsKZzZz0Srbhx6YuPjgup3XMJ5O6PJLqvEthg
debug1: private host key #2: ssh-ed25519 SHA256:11pRoi+oRR1ifmjb+ztZp7DIFsa2mmPkiKVfoJ3ob6o
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-p'
debug1: rexec_argv[2]='2222'
debug1: rexec_argv[2]='2222'
debug1: rexec_argv[3]='-D'
debug1: rexec_argv[4]='-ddd'
debug1: rexec_argv[5]='-e'
debug3: oom_adjust_setup
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug2: fd 6 setting O_NONBLOCK
debug3: sock_set_v6only: set socket 6 IPV6_V6ONLY
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222.
debug3: fd 7 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 10 config len 734
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 7 out 7 newsock 7 pipe -1 sock 10
debug3: recv_rexec_state: entering fd = 5
debug3: ssh_msg_recv entering
debug3: recv_rexec_state: done
debug2: parse_server_config_depth: config rexec len 734
debug3: rexec:22 setting HostKey /etc/ssh/ssh_host_rsa_key
debug3: rexec:23 setting HostKey /etc/ssh/ssh_host_ecdsa_key
debug3: rexec:24 setting HostKey /etc/ssh/ssh_host_ed25519_key
debug3: rexec:37 setting SyslogFacility AUTHPRIV
debug3: rexec:43 setting PermitRootLogin yes
debug3: rexec:52 setting AuthorizedKeysFile .ssh/authorized_keys
debug3: rexec:70 setting PasswordAuthentication yes
debug3: rexec:74 setting ChallengeResponseAuthentication no
debug3: rexec:84 setting GSSAPIAuthentication yes
debug3: rexec:85 setting GSSAPICleanupCredentials no
debug3: rexec:101 setting UsePAM yes
debug3: rexec:106 setting X11Forwarding yes
debug3: rexec:113 setting PrintMotd no
debug3: rexec:132 setting AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
debug3: rexec:133 setting AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
debug3: rexec:134 setting AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
debug3: rexec:135 setting AcceptEnv XMODIFIERS
debug3: rexec:138 setting Subsystem sftp        /usr/libexec/openssh/sftp-server
debug1: sshd version OpenSSH_8.0, OpenSSL 1.1.1k  FIPS 25 Mar 2021
debug1: private host key #0: ssh-rsa SHA256:gCxchYALrAgD5D57biUHoAUg3aaAs1tPqRpp5VXoMaU
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:/ATX90FsKZzZz0Srbhx6YuPjgup3XMJ5O6PJLqvEthg
debug1: private host key #2: ssh-ed25519 SHA256:11pRoi+oRR1ifmjb+ztZp7DIFsa2mmPkiKVfoJ3ob6o
debug1: inetd sockets after dupping: 4, 4
Connection from 172.17.181.25 port 36846 on 172.17.181.27 port 2222
debug1: Local version string SSH-2.0-OpenSSH_8.0
debug1: Remote protocol version 2.0, remote software version russh_0.37.1
debug1: no match: russh_0.37.1
debug2: fd 4 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing seccomp filter sandbox
debug2: Network child is on pid 58782
debug3: preauth child monitor started
debug1: SELinux support disabled [preauth]
debug3: privsep user:group 74:74 [preauth]
debug1: permanently_set_uid: 74/74 [preauth]
debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug3: send packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]

cargo log

localhost% RUST_LOG=debug cargo run 2>&1 > cargo_log
warning: variable does not need to be mutable
  --> src/main.rs:58:13
   |
58 |         let mut ts =
   |             ----^^
   |             |
   |             help: remove this `mut`
   |
   = note: `#[warn(unused_mut)]` on by default

warning: `learn_ssh` (bin "learn_ssh") generated 1 warning (run `cargo fix --bin "learn_ssh"` to apply 1 suggestion)
    Finished dev [unoptimized + debuginfo] target(s) in 0.06s
     Running `target/debug/learn_ssh`
[2023-09-15T15:13:52Z DEBUG russh::ssh_read] read_ssh_id: reading
[2023-09-15T15:13:52Z DEBUG russh::ssh_read] read 21
[2023-09-15T15:13:52Z DEBUG russh::ssh_read] Ok("SSH-2.0-OpenSSH_8.0\r\n")
[2023-09-15T15:13:52Z DEBUG russh::cipher] writing, seqn = 0
[2023-09-15T15:13:52Z DEBUG russh::cipher] padding length 8
[2023-09-15T15:13:52Z DEBUG russh::cipher] packet_length 644
[2023-09-15T15:13:52Z DEBUG russh::client] writing 648 bytes
[2023-09-15T15:13:52Z DEBUG russh::ssh_read] id 21 21
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, len = [0, 0, 4, 20]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, seqn = 0
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, clear len = 1044
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact 1048
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact done
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, padding_length 5
[2023-09-15T15:13:52Z DEBUG russh::client::kex] extending []
[2023-09-15T15:13:52Z DEBUG russh::negotiation] kex 193
[2023-09-15T15:13:52Z DEBUG russh::negotiation] kex 215
[2023-09-15T15:13:52Z DEBUG russh::negotiation] kex 223
[2023-09-15T15:13:52Z DEBUG russh::negotiation] client_compression = None
[2023-09-15T15:13:52Z DEBUG russh::client::kex] algo = Names { kex: Name("[email protected]"), key: Name("ssh-ed25519"), cipher: Name("[email protected]"), client_mac: Name("[email protected]
m"), server_mac: Name("[email protected]"), server_compression: None, client_compression: None, ignore_guessed: false }
[2023-09-15T15:13:52Z DEBUG russh::client::kex] write = []
[2023-09-15T15:13:52Z DEBUG russh::client::kex] i0 = 635
[2023-09-15T15:13:52Z DEBUG russh::cipher] writing, seqn = 1
[2023-09-15T15:13:52Z DEBUG russh::cipher] padding length 6
[2023-09-15T15:13:52Z DEBUG russh::cipher] packet_length 44
[2023-09-15T15:13:52Z DEBUG russh::client::kex] moving to kexdhdone, exchange = Exchange { client_id: CryptoVec { p: 0x55a64de5a560, size: 20, capacity: 32 }, server_id: CryptoVec { p: 0x55a64de5a530, size: 19, capacity: 32 }
, client_kex_init: CryptoVec { p: 0x55a64de5ab90, size: 635, capacity: 1024 }, server_kex_init: CryptoVec { p: 0x55a64de606a0, size: 1038, capacity: 2048 }, client_ephemeral: CryptoVec { p: 0x55a64de61350, size: 32, capacity:
 32 }, server_ephemeral: CryptoVec { p: 0x1, size: 0, capacity: 0 } }
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, len = [0, 0, 0, 188]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, seqn = 1
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, clear len = 188
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact 192
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact done
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, padding_length 8
[2023-09-15T15:13:52Z DEBUG russh::client] server_public_Key: Ed25519(PublicKey(CompressedEdwardsY: [35, 56, 108, 175, 224, 8, 99, 157, 102, 61, 119, 255, 169, 228, 68, 113, 138, 84, 167, 146, 179, 137, 106, 184, 142, 22, 151
, 15, 178, 211, 54, 25]), EdwardsPoint{
        X: FieldElement51([1630537806071078, 648316631189368, 793242739809564, 1818755964497301, 2232763494220464]),
        Y: FieldElement51([854186038933539, 1477670205182892, 735926167081874, 922886286399945, 443572329445745]),
        Z: FieldElement51([1, 0, 0, 0, 0]),
        T: FieldElement51([1505040704566283, 1894851419557823, 1376022236302954, 2064758804968182, 1505568779901593])
    }))
[2023-09-15T15:13:52Z DEBUG russh::client] kexdhdone.exchange = Exchange { client_id: CryptoVec { p: 0x55a64de5a560, size: 20, capacity: 32 }, server_id: CryptoVec { p: 0x55a64de5a530, size: 19, capacity: 32 }, client_kex_ini
t: CryptoVec { p: 0x55a64de5ab90, size: 635, capacity: 1024 }, server_kex_init: CryptoVec { p: 0x55a64de606a0, size: 1038, capacity: 2048 }, client_ephemeral: CryptoVec { p: 0x55a64de61350, size: 32, capacity: 32 }, server_ep
hemeral: CryptoVec { p: 0x55a64de61810, size: 32, capacity: 32 } }
[2023-09-15T15:13:52Z DEBUG russh::client] exchange hash: CryptoVec { p: 0x55a64de625c0, size: 32, capacity: 32 }
[2023-09-15T15:13:52Z DEBUG russh::client] sig_type: [115, 115, 104, 45, 101, 100, 50, 53, 53, 49, 57]
[2023-09-15T15:13:52Z DEBUG russh::client] signature: [163, 170, 243, 150, 229, 113, 65, 85, 153, 199, 157, 90, 255, 120, 248, 76, 97, 162, 27, 92, 39, 20, 90, 224, 62, 192, 52, 41, 168, 221, 63, 215, 199, 83, 58, 58, 95, 157
, 250, 93, 63, 163, 187, 214, 156, 66, 136, 62, 64, 15, 19, 136, 111, 151, 180, 250, 13, 181, 135, 76, 215, 200, 103, 10]
[2023-09-15T15:13:52Z DEBUG russh::cipher] writing, seqn = 2
[2023-09-15T15:13:52Z DEBUG russh::cipher] padding length 10
[2023-09-15T15:13:52Z DEBUG russh::cipher] packet_length 12
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, len = [0, 0, 0, 12]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, seqn = 2
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, clear len = 12
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact 16
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact done
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, padding_length 10
[2023-09-15T15:13:52Z DEBUG russh::client] newkeys received
[2023-09-15T15:13:52Z DEBUG russh::client::encrypted] sending ssh-userauth service requset
[2023-09-15T15:13:52Z DEBUG russh::cipher] writing, seqn = 3
[2023-09-15T15:13:52Z DEBUG russh::cipher] padding length 6
[2023-09-15T15:13:52Z DEBUG russh::cipher] packet_length 24
[2023-09-15T15:13:52Z DEBUG russh::client::encrypted] write_auth_request_if_needed: is_waiting = false
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, len = [31, 60, 208, 12]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, seqn = 3
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, clear len = 40
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact 44
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact done
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, padding_length 6
[2023-09-15T15:13:52Z DEBUG russh::client::encrypted] waiting service request, Some(6) 6
[2023-09-15T15:13:52Z DEBUG russh::client::encrypted] enc: [0, 0, 0, 58, 50, 0, 0, 0, 4, 114, 111, 111, 116, 0, 0, 0, 14, 115, 115, 104, 45, 99, 111, 110, 110, 101, 99, 116, 105, 111, 110, 0, 0, 0, 8, 112, 97, 115, 115, 119,
111, 114, 100, 0, 0, 0, 0, 14, 49, 110, 115, 50, 100, 101, 111, 117, 116, 64, 50, 48, 50, 50]
[2023-09-15T15:13:52Z DEBUG russh::cipher] writing, seqn = 4
[2023-09-15T15:13:52Z DEBUG russh::cipher] padding length 5
[2023-09-15T15:13:52Z DEBUG russh::cipher] packet_length 64
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, len = [7, 156, 192, 165]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, seqn = 4
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, clear len = 24
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact 28
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact done
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, padding_length 6
[2023-09-15T15:13:52Z DEBUG russh::client::encrypted] userauth_success
[2023-09-15T15:13:52Z DEBUG russh::cipher] writing, seqn = 5
[2023-09-15T15:13:52Z DEBUG russh::cipher] padding length 4
[2023-09-15T15:13:52Z DEBUG russh::cipher] packet_length 72
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, len = [223, 88, 101, 38]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, seqn = 5
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, clear len = 624
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact 628
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact done
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, padding_length 4
[2023-09-15T15:13:52Z DEBUG russh::client::encrypted] failed to parse announced host key [0, 0, 0, 19, 101, 99, 100, 115, 97, 45, 115, 104, 97, 50, 45, 110, 105, 115, 116, 112, 50, 53, 54, 0, 0, 0, 8, 110, 105, 115, 116, 112,
 50, 53, 54, 0, 0, 0, 65, 4, 151, 84, 87, 231, 131, 254, 186, 38, 9, 206, 103, 210, 188, 124, 81, 35, 245, 73, 81, 103, 33, 162, 213, 84, 188, 99, 14, 64, 86, 207, 214, 12, 139, 172, 100, 74, 45, 95, 34, 63, 47, 214, 61, 113,
 207, 91, 82, 141, 0, 207, 242, 184, 221, 65, 86, 105, 178, 122, 131, 82, 165, 211, 197, 216]: Keys(CouldNotReadKey)
 [2023-09-15T15:13:52Z DEBUG russh::client] openssh_ext_hostkeys_announced: [RSA { key: OpenSSLPKey { (hidden) }, hash: SHA2_256 }, Ed25519(PublicKey(CompressedEdwardsY: [35, 56, 108, 175, 224, 8, 99, 157, 102, 61, 119, 255, 169, 228, 68, 113, 138, 84, 167, 146, 179, 137, 106, 184, 142, 22, 151, 15, 178, 211, 54, 25]), EdwardsPoint{
        X: FieldElement51([1630537806071078, 648316631189368, 793242739809564, 1818755964497301, 2232763494220464]),
        Y: FieldElement51([854186038933539, 1477670205182892, 735926167081874, 922886286399945, 443572329445745]),
        Z: FieldElement51([1, 0, 0, 0, 0]),
        T: FieldElement51([1505040704566283, 1894851419557823, 1376022236302954, 2064758804968182, 1505568779901593])
    }))]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, len = [69, 83, 43, 66]
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, seqn = 6
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, clear len = 56
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact 60
[2023-09-15T15:13:52Z DEBUG russh::cipher] read_exact done
[2023-09-15T15:13:52Z DEBUG russh::cipher] reading, padding_length 4
[2023-09-15T15:13:52Z DEBUG russh::client::encrypted] channel_open_failure
thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ChannelOpenFailure(ConnectFailed)', src/main.rs:55:14
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
[2023-09-15T15:13:52Z DEBUG russh::client] drop handle
[2023-09-15T15:13:52Z DEBUG russh::client] drop session
localhost%

localhost%
localhost% cat cargo_log
check server public key Ed25519(PublicKey(CompressedEdwardsY: [35, 56, 108, 175, 224, 8, 99, 157, 102, 61, 119, 255, 169, 228, 68, 113, 138, 84, 167, 146, 179, 137, 106, 184, 142, 22, 151, 15, 178, 211, 54, 25]), EdwardsPoint{
        X: FieldElement51([1630537806071078, 648316631189368, 793242739809564, 1818755964497301, 2232763494220464]),
        Y: FieldElement51([854186038933539, 1477670205182892, 735926167081874, 922886286399945, 443572329445745]),
        Z: FieldElement51([1, 0, 0, 0, 0]),
        T: FieldElement51([1505040704566283, 1894851419557823, 1376022236302954, 2064758804968182, 1505568779901593])
}))

@judgeman5

It looks like the client can't read the key being sent from the server. Make sure to enable the openssh feature of Russh if the server isn't using an ed25519 key.
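
The blob that the client log reports as `failed to parse announced host key ... Keys(CouldNotReadKey)` can be decoded by hand to see which key type was announced. The following is an added example, not code from this thread or from russh: it uses only the Rust standard library, all type and function names are hypothetical, and the byte array is copied from that log line. It also handles the other two host key types listed in the sshd debug output (`ssh-rsa`, `ssh-ed25519`).

```rust
// Added example: decode an SSH wire-format public key blob.
// Names are hypothetical; the sample bytes come from the client log in this thread.

#[derive(Debug, PartialEq)]
pub enum KeyInfo {
    Ed25519 { key_len: usize },
    Ecdsa { curve: String, point_len: usize, uncompressed: bool },
    Rsa { modulus_bits: usize },
    Unknown { algorithm: String },
}

#[derive(Debug, PartialEq)]
pub enum ParseError {
    Truncated { wanted: usize, available: usize },
    NotUtf8,
    TrailingBytes(usize),
}

/// Bytes from the "failed to parse announced host key" log line.
pub const ANNOUNCED_KEY_FROM_LOG: &[u8] = &[
    0, 0, 0, 19,
    101, 99, 100, 115, 97, 45, 115, 104, 97, 50, 45, 110, 105, 115, 116, 112, 50, 53, 54,
    0, 0, 0, 8, 110, 105, 115, 116, 112, 50, 53, 54,
    0, 0, 0, 65, 4,
    151, 84, 87, 231, 131, 254, 186, 38, 9, 206, 103, 210, 188, 124, 81, 35,
    245, 73, 81, 103, 33, 162, 213, 84, 188, 99, 14, 64, 86, 207, 214, 12,
    139, 172, 100, 74, 45, 95, 34, 63, 47, 214, 61, 113, 207, 91, 82, 141,
    0, 207, 242, 184, 221, 65, 86, 105, 178, 122, 131, 82, 165, 211, 197, 216,
];

/// Read one SSH `string` (RFC 4251): big-endian u32 length, then that many bytes.
fn read_string<'a>(cur: &mut &'a [u8]) -> Result<&'a [u8], ParseError> {
    let data: &'a [u8] = *cur;
    if data.len() < 4 {
        return Err(ParseError::Truncated { wanted: 4, available: data.len() });
    }
    let len = u32::from_be_bytes([data[0], data[1], data[2], data[3]]) as usize;
    let rest = &data[4..];
    if rest.len() < len {
        return Err(ParseError::Truncated { wanted: len, available: rest.len() });
    }
    *cur = &rest[len..];
    Ok(&rest[..len])
}

fn read_text<'a>(cur: &mut &'a [u8]) -> Result<&'a str, ParseError> {
    std::str::from_utf8(read_string(cur)?).map_err(|_| ParseError::NotUtf8)
}

/// Bit length of an SSH `mpint`, ignoring leading zero bytes.
fn mpint_bits(n: &[u8]) -> usize {
    match n.iter().position(|&b| b != 0) {
        Some(i) => (n.len() - i) * 8 - n[i].leading_zeros() as usize,
        None => 0,
    }
}

/// Decode the key type and public parameters of a wire-format public key blob.
pub fn describe_key_blob(blob: &[u8]) -> Result<KeyInfo, ParseError> {
    let mut cur = blob;
    let info = match read_text(&mut cur)? {
        "ssh-ed25519" => KeyInfo::Ed25519 { key_len: read_string(&mut cur)?.len() },
        "ssh-rsa" => {
            read_string(&mut cur)?; // public exponent e, not needed here
            KeyInfo::Rsa { modulus_bits: mpint_bits(read_string(&mut cur)?) }
        }
        alg if alg.starts_with("ecdsa-sha2-") => {
            let curve = read_text(&mut cur)?.to_owned();
            let point = read_string(&mut cur)?;
            // An uncompressed SEC1 point is 0x04 followed by the X and Y coordinates.
            KeyInfo::Ecdsa {
                curve,
                point_len: point.len(),
                uncompressed: point.first() == Some(&0x04),
            }
        }
        other => return Ok(KeyInfo::Unknown { algorithm: other.to_owned() }),
    };
    // A well-formed blob has nothing after its last field.
    if !cur.is_empty() {
        return Err(ParseError::TrailingBytes(cur.len()));
    }
    Ok(info)
}

fn main() {
    println!("announced key: {:?}", describe_key_blob(ANNOUNCED_KEY_FROM_LOG));
}
```

The blob is well-formed on the wire: a complete `ecdsa-sha2-nistp256` key with a 65-byte uncompressed point.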

@talk2drys
Author

@judgeman5, this is my Cargo.toml file

[package]
name = "learn_ssh"
version = "0.1.0"
edition = "2021"

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
actix-rt = "2.8.0"
anyhow = "1.0.70"
async-trait = "0.1.67"
russh = { version = "0.37.1", features = ["openssl"]}
russh-keys = "0.37.1"
russh-config = "0.7"
serde = {version = "1.0.158", features = ["derive"]}
log = "0.4.20"
env_logger = "0.10.0"

I even tried "vendored-openssl"; still the same.

I have tested connecting directly to both servers and they work, but when implementing the jumphost, that is when I get this error.

@judgeman5
Have you tried enabling the openssl feature for russh-keys as well? I think it would be:

russh-keys = { version = "0.37.1", features = ["vendored-openssl"]}

@talk2drys
Author

Yes, I tried that too; exactly the same error.

@talk2drys
Author

@judgeman5 please, do you know any other way I can do the same thing?

@talk2drys
Author

@judgeman5 it's working now. I updated from 0.37.1 to 0.38; I think pull request #152 was what fixed it. I also still have the vendored-openssl feature flag.
