Tera Term, Unexpected SSH2 message(80) on current stage(6) [was Re: SAP-2015-3-1 issues]

Damien Miller djm at mindrot.org
Fri Apr 10 12:06:14 AEST 2015


ok djm

On Fri, 10 Apr 2015, Darren Tucker wrote:

> On Fri, Apr 10, 2015 at 04:45:56AM +0900, IWAMOTO Kouichi wrote:
> > On Wed, 08 Apr 2015 21:28:53 -0500
> > Bryan Drewery <bryan at shatow.net> wrote:
> > 
> > > This patch fixes it in OpenSSH for me:
> > > 
> > > https://people.freebsd.org/~bdrewery/patches/ttssh-host-keys.diff
> > 
> > In this change, hostkey rotation is not used if Tera Term supports it in future.
> > Could you change a modification to the compat.c as follows?
> > 
> > --- compat.c.orig	2015-03-17 14:49:20.000000000 +0900
> > +++ compat.c	2015-04-09 18:35:16.000000000 +0900
> > @@ -167,6 +167,17 @@
> >  					SSH_BUG_SCANNER },
> >  		{ "Probe-*",
> >  					SSH_BUG_PROBE },
> > +		{ "TTSSH/1.5.*,"
> > +		  "TeraTerm SSH*,"
> 
> Should this match all of TTSSH/1.* rather than just 1.5?  Also for
> tidiness I'd rather keep the TTSSH entries grouped together and have the
> compat check with the rest of the hostkey notification code rather than
> inline with the main code.  Does this still work?
> 
> Also, we're nearly out of bug bits, we might have to order some more :-)
> 
> Index: compat.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/compat.c,v
> retrieving revision 1.88
> diff -u -p -r1.88 compat.c
> --- compat.c	7 Apr 2015 23:00:42 -0000	1.88
> +++ compat.c	10 Apr 2015 00:21:23 -0000
> @@ -165,6 +165,17 @@ compat_datafellows(const char *version)
>  					SSH_BUG_SCANNER },
>  		{ "Probe-*",
>  					SSH_BUG_PROBE },
> +		{ "TeraTerm SSH*,"
> +		  "TTSSH/1.5.*,"
> +		  "TTSSH/2.1*,"
> +		  "TTSSH/2.2*,"
> +		  "TTSSH/2.3*,"
> +		  "TTSSH/2.4*,"
> +		  "TTSSH/2.5*,"
> +		  "TTSSH/2.6*,"
> +		  "TTSSH/2.70*,"
> +		  "TTSSH/2.71*,"
> +		  "TTSSH/2.72*",	SSH_BUG_HOSTKEYS },
>  		{ NULL,			0 }
>  	};
>  
> Index: compat.h
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/compat.h,v
> retrieving revision 1.46
> diff -u -p -r1.46 compat.h
> --- compat.h	19 Jan 2015 20:20:20 -0000	1.46
> +++ compat.h	10 Apr 2015 00:21:23 -0000
> @@ -60,6 +60,7 @@
>  #define SSH_NEW_OPENSSH		0x04000000
>  #define SSH_BUG_DYNAMIC_RPORT	0x08000000
>  #define SSH_BUG_CURVE25519PAD	0x10000000
> +#define SSH_BUG_HOSTKEYS	0x20000000
>  
>  void     enable_compat13(void);
>  void     enable_compat20(void);
> Index: sshd.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/sshd.c,v
> retrieving revision 1.445
> diff -u -p -r1.445 sshd.c
> --- sshd.c	31 Mar 2015 22:55:24 -0000	1.445
> +++ sshd.c	10 Apr 2015 00:21:23 -0000
> @@ -891,6 +891,10 @@ notify_hostkeys(struct ssh *ssh)
>  	int i, nkeys, r;
>  	char *fp;
>  
> +	/* Some clients cannot cope with the hostkeys message, skip those. */
> +	if (datafellows & SSH_BUG_HOSTKEYS)
> +		return;
> +
>  	if ((buf = sshbuf_new()) == NULL)
>  		fatal("%s: sshbuf_new", __func__);
>  	for (i = nkeys = 0; i < options.num_host_key_files; i++) {
> 
> -- 
> Darren Tucker (dtucker at zip.com.au)
> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> 


More information about the openssh-unix-dev mailing list