[X2Go-Dev] [X2Go-User] x2go Windows client crashes with Putty Pageant with long RSA 4096 keys
Stefan Baur
X2Go-ML-1 at baur-itcs.de
Sun Dec 29 17:37:09 CET 2024
Gerhard,
please do not cross-post or attempt to "bump" a message - this is a
mailing list, not a web bulletin board.
X2Go is massively underfunded and understaffed - both on the volunteer
side (you might have noticed my desperate posts asking for donations
lately), as well as on the commercial side (from what I know, most, if
not all companies providing commercial X2Go support have needed to
acquire additional sources of income, as X2Go business is waning).
And December is obviously holiday season, where the few volunteers we
have left are likely busy with their families.
If you need timely assistance, especially if it is for a commercial use
case, please consider contracting one of the companies listed at
<https://wiki.x2go.org/doku.php/doc:professional-support>.
If you don't have the budget for that, you will have to wait until
people are willing and able to volunteer their time helping you.
Kind Regards,
Stefan Baur
On 20.12.24 at 17:20, Gerhard Wiesinger wrote:
> Hello,
>
> Any comment here?
>
> Ciao,
> Gerhard
>
> On 17.12.2024 19:19, Gerhard Wiesinger wrote:
>> Hello,
>>
>> I'm having a crash problem with the latest version (also previous ones)
>> with ssh private key authentication and Putty Pageant. Looks like
>> there is a buffer overflow involved. With several smaller keys (e.g.
>> ssh-ed25519) it works well.
>>
>> I found a scenario to reproduce it:
>> 1. Generate an RSA 4096-bit private/public key pair
>> 2. Load it on the Windows client into Putty Pageant
>> 3. Put the public key on the server in ~/.ssh/authorized_keys
>> 4. Open a connection to the server => crash, see logs
>>
>> Looks like it is a bug in the old libssh library version with large
>> private/public keys.
>>
>> Can you please fix this issue?
>>
>> Some questions:
>> - Is the used libssh version really version 0.9.2?
>> - The logs have some entries with: agent_talk - len of request
>> - That was changed in git to different logging in 2011:
>> https://git.libssh.org/projects/libssh.git/commit/?id=ba4f10dc4657952ec47f71dfae90d9fba2eb6759
>> - Version 0.9.2 was released in 2019:
>> https://www.libssh.org/2019/11/07/libssh-0-9-2/
>> - So it looks like version 0.9.2 is not the one being used
>> - Any plans to upgrade to latest version of libssh 0.11.0 while
>> keeping Putty Pageant Agent support?
>> - Upgrade plans to newer Putty version?
>> - Is there a newer nightly Windows build from newer git sources
>> available?
>>
>> Version:
>> - X2Go Client 4.1.2.3-ba65703-kdrclient-a3134d6
>> - according to the logs: ssh_connect: libssh 0.9.2 (c) 2003-2019
>> Aris Adamantiadis, Andreas Schneider and libssh contributors.
>> Distributed under the LGPL, please refer to COPYING file for
>> information about your rights, using threading threads_pthread
>> - Server: (not relevant but version is: x2goserver-4.1.0.6-4.fc41.x86_64)
>>
>> Thnx.
>>
>> Ciao,
>> Gerhard
>>
>> Relevant debug log file on the client:
>> x2go-DEBUG-src\sshmasterconnection.cpp:674> Setting SSH directory to
>> C:/Users/user/ssh
>> [2024/12/17 08:03:09.904803, 3] : agent_talk - len of request: 1
>> [2024/12/17 08:03:09.904803, 3] : agent_talk - response length: 568
>> [2024/12/17 08:03:09.904803, 1] ssh_agent_get_ident_count: Answer
>> type: 12, expected answer: 12
>> [2024/12/17 08:03:09.904803, 3] ssh_agent_get_ident_count: Agent
>> count: 1
>> [2024/12/17 08:03:09.904803, 3] ssh_userauth_agent: Trying identity
>> rsa-key-20241217
>> [2024/12/17 08:03:09.904803, 3] ssh_key_algorithm_allowed: Checking
>> rsa-sha2-512 with list
<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss>
>> [2024/12/17 08:03:09.904803, 3] ssh_key_algorithm_allowed: Checking
>> rsa-sha2-512 with list
<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss>
>> [2024/12/17 08:03:09.904803, 3] packet_send2: packet: wrote [type=5,
>> len=32, padding_size=14, comp=17, payload=17]
>> [2024/12/17 08:03:09.904803, 3] ssh_service_request: Sent
>> SSH_MSG_SERVICE_REQUEST (service ssh-userauth)
>> [2024/12/17 08:03:09.904803, 3] ssh_socket_unbuffered_write: Enabling
>> POLLOUT for socket
>> [2024/12/17 08:03:09.949398, 3] ssh_packet_socket_callback: packet:
>> read type 6 [len=32,padding=14,comp=17,payload=17]
>> [2024/12/17 08:03:09.949398, 3] ssh_packet_process: Dispatching
>> handler for packet type 6
>> [2024/12/17 08:03:09.949398, 3] ssh_packet_service_accept: Received
>> SSH_MSG_SERVICE_ACCEPT
>> [2024/12/17 08:03:09.949398, 3] ssh_socket_unbuffered_write: Enabling
>> POLLOUT for socket
>> [2024/12/17 08:03:09.949398, 3] packet_send2: packet: wrote [type=50,
>> len=608, padding_size=11, comp=596, payload=596]
>> [2024/12/17 08:03:09.959352, 3] ssh_packet_socket_callback: packet:
>> read type 60 [len=576,padding=19,comp=556,payload=556]
>> [2024/12/17 08:03:09.959352, 3] ssh_packet_process: Dispatching
>> handler for packet type 60
>> [2024/12/17 08:03:09.959352, 3] ssh_userauth_agent: Public key of
>> rsa-key-20241217 accepted by server
>> [2024/12/17 08:03:09.959352, 3] ssh_key_algorithm_allowed: Checking
>> rsa-sha2-512 with list
<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss>
>> [2024/12/17 08:03:09.959352, 3] ssh_key_algorithm_allowed: Checking
>> rsa-sha2-512 with list
<ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss>
>> [2024/12/17 08:03:09.959352, 3] : agent_talk - len of request: 1180
>> QObject::~QObject: Timers cannot be stopped from another thread
>> <---------- CRASH HERE ---------->
--
BAUR-ITCS UG (haftungsbeschränkt)
Managing Director: Stefan Baur
Eichenäckerweg 10, 89081 Ulm | Register Court Ulm, HRB 724364
Phone/Fax 0731 40 34 66-36/-35 | VAT ID: DE268653243
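
Added example (not part of either post, and not X2Go or libssh code): it rebuilds the SSH userauth and agent messages for an RSA key of a given size, to show where the 596-, 568- and 1180-byte figures in the quoted log come from and how the agent sign request grows with key size. The 32-byte session id, the user name `user`, the exponent 65537 and the placeholder modulus are assumptions; the key comment and algorithm name are taken from the log.

```python
import struct

def ssh_string(data: bytes) -> bytes:
    """RFC 4251 string: uint32 length followed by the bytes."""
    return struct.pack(">I", len(data)) + data

def mpint(value: int) -> bytes:
    """RFC 4251 mpint for a positive integer (leading 0x00 if the top bit is set)."""
    return ssh_string(value.to_bytes(value.bit_length() // 8 + 1, "big"))

def rsa_blob(bits: int) -> bytes:
    # Constructed modulus with the right bit length; not a real key.
    modulus = (1 << (bits - 1)) | 1
    return ssh_string(b"ssh-rsa") + mpint(65537) + mpint(modulus)

def userauth_request(user: bytes, algo: bytes, blob: bytes, signed: bool) -> bytes:
    """SSH_MSG_USERAUTH_REQUEST (type 50), method "publickey", signature not included."""
    return (bytes([50]) + ssh_string(user) + ssh_string(b"ssh-connection")
            + ssh_string(b"publickey") + bytes([int(signed)])
            + ssh_string(algo) + ssh_string(blob))

def identities_answer(blob: bytes, comment: bytes) -> bytes:
    """SSH2_AGENT_IDENTITIES_ANSWER (type 12) with one key, length prefix included."""
    return ssh_string(bytes([12]) + struct.pack(">I", 1)
                      + ssh_string(blob) + ssh_string(comment))

def agent_sign_request(blob, user, algo, session_id, flags) -> bytes:
    """SSH2_AGENTC_SIGN_REQUEST (type 13) body, length prefix not included."""
    to_sign = ssh_string(session_id) + userauth_request(user, algo, blob, True)
    return bytes([13]) + ssh_string(blob) + ssh_string(to_sign) + struct.pack(">I", flags)

def message_sizes(bits: int, user: bytes = b"user") -> dict:
    blob = rsa_blob(bits)
    algo = b"rsa-sha2-512"
    session_id = bytes(32)  # assumption: 32-byte exchange hash
    return {
        # compare with "packet: wrote [type=50, ... payload=596]"
        "userauth_probe": len(userauth_request(user, algo, blob, False)),
        # compare with "agent_talk - response length: 568"
        "identities_answer": len(identities_answer(blob, b"rsa-key-20241217")),
        # compare with "agent_talk - len of request: 1180"; flags 4 = SSH_AGENT_RSA_SHA2_512
        "sign_request": len(agent_sign_request(blob, user, algo, session_id, 4)),
    }

if __name__ == "__main__":
    for bits in (2048, 3072, 4096):
        print(bits, message_sizes(bits))
```
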