Cisco IOS 15.x ssh to Solaris Server problem

HorvatHrvoje · ‎05-24-2012

Hello.

We have a Cisco Router 2911 , with IOS 15.x , it has a problem when you try to connect from the Router to the Server with SSH v.2 protocol.

Servers are Sun Solaris 10.

We have test it on Intel and Sparc platform

-Solaris 10 update 5

-Solaris 10 update 7

-Solaris 10 update 9

-Solaris 10 update 10

Test is done on next IOS-es:

c2900-universalk9-mz.SPA.150-1.M5

c2900-universalk9-mz.SPA.150-1.M8

and

c2900-universalk9-mz.SPA.151-4.M4

We have tested with DH key sizes:

(ip ssh dh min size )

1024

2048

4096

Debug on Router (debug ip ssh):

May 24 13:05:13.686 GMT: SSH CLIENT0: protocol version id is - SSH-2.0-Sun_SSH_1.1.4

May 24 13:05:13.686 GMT: SSH CLIENT0: sent protocol version id SSH-2.0-Cisco-1.25

May 24 13:05:13.686 GMT: SSH2 CLIENT 0: send:packet of length 344 (length also includes padlen of 5)

May 24 13:05:13.686 GMT: SSH2 CLIENT 0: SSH2_MSG_KEXINIT sent

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: ssh_receive: 592 bytes received

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: input: total packet length of 592 bytes

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: partial packet length(block size)8 bytes,needed 584 bytes,

maclen 0

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: input: padlength 8 bytes

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: SSH2_MSG_KEXINIT received

May 24 13:05:13.714 GMT: SSH2:kex: server->client enc:aes128-cbc mac:hmac-sha1

May 24 13:05:13.714 GMT: SSH2:kex: client->server enc:aes128-cbc mac:hmac-sha1

====> This first step is OK

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: send:packet of length 24 (length also includes padlen of 6)

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: SSH2_MSG_KEX_DH_GEX_REQUEST sent

May 24 13:05:13.714 GMT: SSH2 CLIENT 0: Range sent- 1024 < 2048 < 4096

May 24 13:05:13.718 GMT: SSH2 CLIENT 0: ssh_receive: 424 bytes received

May 24 13:05:13.718 GMT: SSH2 CLIENT 0: input: total packet length of 424 bytes

May 24 13:05:13.718 GMT: SSH2 CLIENT 0: partial packet length(block size)8 bytes,needed 416 bytes,

maclen 0

May 24 13:05:13.718 GMT: SSH2 CLIENT 0: input: padlength 10 bytes

May 24 13:05:13.718 GMT: SSH2 CLIENT 0: SSH2_MSG_KEX_DH_GEX_GROUP received

May 24 13:05:13.718 GMT: SSH2 CLIENT 0: Server has chosen 3192 -bit dh keys

==> Sun Solaris side choose wrong size (3192) every time , on every Solaris we tested

May 24 13:05:13.718 GMT: %SSH-3-INV_MOD: Invalid modulus length

May 24 13:05:13.718 GMT: SSH CLIENT0: Session disconnected - error 0x00

Interesting thing is that SSH to any other Linux/Unix (except Solaris) is working.

Debug of working ssh to Linux server:

ay 24 13:09:54.967 GMT: SSH CLIENT0: protocol version id is - SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu5

May 24 13:09:54.967 GMT: SSH CLIENT0: sent protocol version id SSH-2.0-Cisco-1.25

May 24 13:09:54.967 GMT: SSH2 CLIENT 0: send:packet of length 344 (length also includes padlen of 5)

May 24 13:09:54.967 GMT: SSH2 CLIENT 0: SSH2_MSG_KEXINIT sent

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: ssh_receive: 536 bytes received

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: input: total packet length of 784 bytes

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: partial packet length(block size)8 bytes,needed 776 bytes,

maclen 0

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: ssh_receive: 248 bytes received

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: partial packet length(block size)8 bytes,needed 776 bytes,

maclen 0

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: input: padlength 10 bytes

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: SSH2_MSG_KEXINIT received

May 24 13:09:54.971 GMT: SSH2:kex: server->client enc:aes128-cbc mac:hmac-sha1

May 24 13:09:54.971 GMT: SSH2:kex: client->server enc:aes128-cbc mac:hmac-sha1

====> This first step is OK

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: send:packet of length 24 (length also includes padlen of 6)

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: SSH2_MSG_KEX_DH_GEX_REQUEST sent

May 24 13:09:54.971 GMT: SSH2 CLIENT 0: Range sent- 1024 < 2048 < 4096

May 24 13:09:54.975 GMT: SSH2 CLIENT 0: ssh_receive: 280 bytes received

May 24 13:09:54.975 GMT: SSH2 CLIENT 0: input: total packet length of 280 bytes

May 24 13:09:54.975 GMT: SSH2 CLIENT 0: partial packet length(block size)8 bytes,needed 272 bytes,

maclen 0

May 24 13:09:54.975 GMT: SSH2 CLIENT 0: input: padlength 8 bytes

May 24 13:09:54.975 GMT: SSH2 CLIENT 0: SSH2_MSG_KEX_DH_GEX_GROUP received

May 24 13:09:54.975 GMT: SSH2 CLIENT 0: Server has chosen 2048 -bit dh keys

May 24 13:09:55.031 GMT: SSH2 CLIENT 0: send:packet of length 272 (length also includes padlen of 6)

May 24 13:09:55.031 GMT: SSH2 CLIENT 0: expecting SSH2_MSG_KEX_DH_GEX_REPLY

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: ssh_receive: 536 bytes received

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: input: total packet length of 832 bytes

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: partial packet length(block size)8 bytes,needed 824 bytes,

maclen 0

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: ssh_receive: 312 bytes received

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: partial packet length(block size)8 bytes,needed 824 bytes,

maclen 0

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: input: padlength 8 bytes

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: SSH2_MSG_KEX_DH_GEX_REPLY received

May 24 13:09:55.115 GMT: SSH2 CLIENT 0: Skipping ServerHostKey Validation

May 24 13:09:55.195 GMT: SSH2 CLIENT 0: signature length 271

May 24 13:09:55.195 GMT: SSH2: kex_derive_keys complete

====> This second step is OK

Configuration of SSH server ( /etc/ssh/sshd_config ) is similar to one on other (working) Linux systems

Then we try to force key size in SSH Daemon config :

For example :

ServerKeyBits 2048

But then again it select key size of 3192 and connection error is the same.

Please help.

BR,

Hrvoje.

rmorehouse2000 · ‎06-13-2012

As a workaround, you could edit the server's /etc/ssh/moduli file and remove the 3192 bit prime. That would force the server to generate a 4096 bit key (the next highest available).