Gerhard,
please do not cross-post or attempt to "bump" a message - this is a mailing list, not a web bulletin board.
X2Go is massively underfunded and understaffed - both on the volunteer side (you might have noticed my desperate posts asking for donations lately), as well as on the commercial side (from what I know, most, if not all companies providing commercial X2Go support have needed to acquire additional sources of income, as X2Go business is waning).
And December is obviously holiday season, where the few volunteers we have left are likely busy with their families.
If you need timely assistance, especially if it is for a commercial use case, please consider contracting one of the companies listed at <https://wiki.x2go.org/doku.php/doc:professional-support>.
If you don't have the budget for that, you will have to wait until people are willing and able to volunteer their time helping you.
Kind Regards, Stefan Baur
Am 20.12.24 um 17:20 schrieb Gerhard Wiesinger:
Hello,
Any comment here?
Ciao, Gerhard
On 17.12.2024 19:19, Gerhard Wiesinger wrote:
Hello,
I'm having a crash problem with latest version (also previous ones) with ssh private key authentication and Putty Pageant. Looks like there is a buffer overflow involved. With several smaller keys (e.g. ssh-ed25519) it works well.
I found a scenario to reproduce it:
- Generate a RSA 4096 Bit length private/public key pair
- Load it on the Windows client into Putty Pageant
- Put public key at the server at ~/.ssh/authorized_keys
- open connection to the server => crash, see logs
Looks like it is a bug in the old libssh library version with large private/public keys.
Can you please fix the topic.
Some questions:
- Is the used libssh version really version 0.9.2? - The logs have some entries with: agent_talk - len of request - That has been changed in git to another logging in 2011: https://git.libssh.org/projects/libssh.git/commit/?id=ba4f10dc4657952ec47f71... - Version 0.9.2 has been released in 2019: https://www.libssh.org/2019/11/07/libssh-0-9-2/ - So it looks, not the version 0.9.2 is used
- Any plans to upgrade to latest version of libssh 0.11.0 while keeping Putty Pageant Agent support?
- Upgrade plans to newer Putty version?
- Is there a newer nightly Windows build from newer git sources available?
Version:
- X2Go Client 4.1.2.3-ba65703-kdrclient-a3134d6 - according to the logs: ssh_connect: libssh 0.9.2 (c) 2003-2019 Aris Adamantiadis, Andreas Schneider and libssh contributors. Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_pthread
- Server: (not relevant but version is: x2goserver-4.1.0.6-4.fc41.x86_64)
Thnx.
Ciao, Gerhard
Relevant debug log file on the client: x2go-DEBUG-src\sshmasterconnection.cpp:674> Setting SSH directory to C:/Users/user/ssh [2024/12/17 08:03:09.904803, 3] : agent_talk - len of request: 1 [2024/12/17 08:03:09.904803, 3] : agent_talk - response length: 568 [2024/12/17 08:03:09.904803, 1] ssh_agent_get_ident_count: Answer type: 12, expected answer: 12 [2024/12/17 08:03:09.904803, 3] ssh_agent_get_ident_count: Agent count: 1 [2024/12/17 08:03:09.904803, 3] ssh_userauth_agent: Trying identity rsa-key-20241217 [2024/12/17 08:03:09.904803, 3] ssh_key_algorithm_allowed: Checking rsa-sha2-512 with list <ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss> [2024/12/17 08:03:09.904803, 3] ssh_key_algorithm_allowed: Checking rsa-sha2-512 with list <ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss> [2024/12/17 08:03:09.904803, 3] packet_send2: packet: wrote [type=5, len=32, padding_size=14, comp=17, payload=17] [2024/12/17 08:03:09.904803, 3] ssh_service_request: Sent SSH_MSG_SERVICE_REQUEST (service ssh-userauth) [2024/12/17 08:03:09.904803, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket [2024/12/17 08:03:09.949398, 3] ssh_packet_socket_callback: packet: read type 6 [len=32,padding=14,comp=17,payload=17] [2024/12/17 08:03:09.949398, 3] ssh_packet_process: Dispatching handler for packet type 6 [2024/12/17 08:03:09.949398, 3] ssh_packet_service_accept: Received SSH_MSG_SERVICE_ACCEPT [2024/12/17 08:03:09.949398, 3] ssh_socket_unbuffered_write: Enabling POLLOUT for socket [2024/12/17 08:03:09.949398, 3] packet_send2: packet: wrote [type=50, len=608, padding_size=11, comp=596, payload=596] [2024/12/17 08:03:09.959352, 3] ssh_packet_socket_callback: packet: read type 60 [len=576,padding=19,comp=556,payload=556] [2024/12/17 08:03:09.959352, 3] ssh_packet_process: Dispatching handler for packet type 60 [2024/12/17 08:03:09.959352, 3] ssh_userauth_agent: Public key of rsa-key-20241217 accepted by server [2024/12/17 08:03:09.959352, 3] ssh_key_algorithm_allowed: Checking rsa-sha2-512 with list <ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss> [2024/12/17 08:03:09.959352, 3] ssh_key_algorithm_allowed: Checking rsa-sha2-512 with list <ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss> [2024/12/17 08:03:09.959352, 3] : agent_talk - len of request: 1180 QObject::~QObject: Timers cannot be stopped from another thread <---------- CRASH HERE ---------->
x2go-user mailing list x2go-user@lists.x2go.org https://lists.x2go.org/listinfo/x2go-user
x2go-dev mailing list x2go-dev@lists.x2go.org https://lists.x2go.org/listinfo/x2go-dev
-- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243