c - 无法使用 wolfssh 库与 Cisco IOS 设备建立 ssh 连接

标签 c ssh visual-studio-2017 wolfssl

尝试使用 wolfssh 库连接到 cisco ios 设备。

以下是用于连接的代码片段

    WOLFSSH_CTX* ctx = NULL;
    WOLFSSH* ssh = NULL;
    SOCKET_T sockFd = WOLFSSH_SOCKET_INVALID;
    SOCKADDR_IN_T clientAddr;
    socklen_t clientAddrSz = sizeof(clientAddr);
    char rxBuf[80];
    int ret;
    int ch;
    word16 port = 22;
    const char* host = "xx.xx.xx.xx";
    const char* username = "wwww";
    const char* password = "wwww";
    const char* cmd = "sh clock";

    wolfSSH_Debugging_ON();

    WSTARTTCP();
    wolfSSH_Init();

    ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL);
    if (ctx == NULL)
        err_sys("Couldn't create wolfSSH client context.");

    wolfSSH_SetUserAuth(ctx, wsUserAuth);

    ssh = wolfSSH_new(ctx);
    if ( ssh == NULL ) {
        err_sys("Failed to create SSH");
    }

    wolfSSH_SetUserAuthCtx(ssh, (void*)password);

    ret = wolfSSH_SetUsername(ssh, username);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the username.");

    build_addr(&clientAddr, (char *)host, port);
    tcp_socket(&sockFd);
    ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
    if (ret != 0) {
        err_sys("Couldn't connect to server.");
    }
    else {
        cout << "Connected to "<<host<<endl;
    }

    ret = wolfSSH_set_fd(ssh, (int)sockFd);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the session's socket.");



    ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        NULL, 0);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the channel type.");

    ret = wolfSSH_connect(ssh);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't connect ssh.");

但最终出现以下错误日志。
无法继续。
在 wolfSSH_connect(ssh) 中出现错误
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_Init()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-13 07:01:55 [DEBUG] Entering CtxInit()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 00000072FB1E7D80
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_new()
2020-05-13 07:01:55 [DEBUG] Entering SshInit()
2020-05-13 07:01:55 [DEBUG] Entering HandshakeInfoNew()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_new(), ssh = 00000072FB1E93E0
Connected to xx.xx.xx.xx
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_set_fd()
2020-05-13 07:01:55 [DEBUG] No subsystem name or name was too large
2020-05-13 07:02:04 [DEBUG] Entering wolfSSH_connect()
2020-05-13 07:02:30 [DEBUG] SSH-2.0-wolfSSHv1.4.3

2020-05-13 07:02:30 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-13 07:02:30 [DEBUG] Embed Send trying to send 23
2020-05-13 07:02:30 [DEBUG] Embed Send sent 23
2020-05-13 07:02:30 [DEBUG] SB: Shrinking output buffer
2020-05-13 07:02:30 [DEBUG] Entering ShrinkBuffer()
2020-05-13 07:02:30 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-13 07:02:30 [DEBUG] SB: releasing dynamic buffer
2020-05-13 07:02:30 [DEBUG] Leaving ShrinkBuffer()
2020-05-13 07:02:34 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-13 07:02:41 [DEBUG] Receive: recvd = 255
2020-05-13 07:03:30 [DEBUG] get input text failed
2020-05-13 07:03:35 [DEBUG] connect error: CLIENT_VERSION_SENT, -1013

更新

用 wolfssh 1.4.4 尝试了相同的代码(来自 github 的当前版本)
它在 ssh connect 方面取得了一些进展。
但它在 XMEMSET 的 rsa.c 中崩溃了......
int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
{
    int ret = 0;

    if (key == NULL) {
        return BAD_FUNC_ARG;
    }

    XMEMSET(key, 0, sizeof(RsaKey));

以下是错误日志。
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_Init()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-15 05:51:28 [DEBUG] Entering CtxInit()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 000000AFC91FDFD0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_new()
2020-05-15 05:51:28 [DEBUG] Entering SshInit()
2020-05-15 05:51:28 [DEBUG] Entering HandshakeInfoNew()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_new(), ssh = 000000AFC91FE050
Connected to xx.xx.xx.xx
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_set_fd()
2020-05-15 05:51:32 [DEBUG] No subsystem name or name was too large
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_connect()
2020-05-15 05:51:38 [DEBUG] SSH-2.0-wolfSSHv1.4.4

2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 23
2020-05-15 05:51:38 [DEBUG] Embed Send sent 23
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 255
2020-05-15 05:51:38 [DEBUG] Checking for old version of protocol exchange
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 236, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_VERSION_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 4
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 376
2020-05-15 05:51:38 [DEBUG] Embed Send sent 376
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXINIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 312
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 76
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 312
2020-05-15 05:51:38 [DEBUG] VM: seq = 0
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 0
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXINIT
2020-05-15 05:51:38 [DEBUG] Entering DoKexInit()
2020-05-15 05:51:38 [DEBUG] DKI: KEX Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = diffie-hellman-group14-sha1
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Server Host Key Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = ssh-rsa
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Client to Server
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Server to Client
2020-05-15 05:51:38 [DEBUG] DKI: KEX Packet Follows
2020-05-15 05:51:38 [DEBUG] DKI: For Future Use
2020-05-15 05:51:38 [DEBUG] Leaving DoKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] PR3: peerMacSz = 0
2020-05-15 05:51:38 [DEBUG] PR4: Shrinking input buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 1
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] PR5: txCount = 376, rxCount = 312
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_KEXINIT_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexDhInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 5
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 272
2020-05-15 05:51:38 [DEBUG] Embed Send sent 272
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexDhInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXDH_INIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 832
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 824
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 832
2020-05-15 05:51:38 [DEBUG] VM: seq = 1
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 1
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXDH_REPLY
2020-05-15 05:51:38 [DEBUG] Entering DoKexDhReply()
2020-05-15 05:51:38 [DEBUG] DKDR: no public key check callback, accepted

以下是腻子的日志。哪个连接到同一个 ios 设备。
2020-05-15 19:53:37 Connecting to xx.xx.x.x port 22
2020-05-15 19:53:37 We claim version: SSH-2.0-PuTTY_Release_0.70
2020-05-15 19:53:38 Server version: SSH-2.0-Cisco-1.25
2020-05-15 19:53:38 We believe remote version has SSH-1 ignore bug
2020-05-15 19:53:38 We believe remote version needs a plain SSH-1 password
2020-05-15 19:53:38 We believe remote version can't handle SSH-1 RSA authentication
2020-05-15 19:53:38 Using SSH protocol version 2
2020-05-15 19:53:38 Doing Diffie-Hellman group exchange
2020-05-15 19:53:38 Doing Diffie-Hellman key exchange with hash SHA-1
2020-05-15 19:53:39 Host key fingerprint is:
2020-05-15 19:53:39 ssh-rsa 2048 7c:23:fc:cf:17:2a:9e:6b:38:d8:03:21:67:0f:b4:c3
2020-05-15 19:53:39 Initialised AES-256 SDCTR client->server encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 client->server MAC algorithm
2020-05-15 19:53:39 Initialised AES-256 SDCTR server->client encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 server->client MAC algorithm

最佳答案

有几件事要检查。

第一个是 wolfSSH_SetChannelType 应该将命令和命令长度作为最后两个参数。

 ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        cmd, sizeof(cmd));

不过,这可能只是一个错字,我希望它会在连接中更远地得到一个不同的错误,比如 -1009,所以这不是这里的主要问题。

要检查的第二件事是 cisco ios 设备支持的 SSH 版本。如果它使用的是旧版本的 SSH,这可能会导致列出的版本错误。

第三个,也是最有可能在这里有用的事情是,如果这是在 wolfSSH 1.4.3 的发布包中,它有严格的要求,即协议(protocol)交换消息按照 RFC 以“\r\n”结尾。这在 wolfSSH 版本 1.4.4 中更新为更加宽松,以允许仅使用“\n”进行协议(protocol)交换。查看提供的调试日志,我怀疑在更新到 wolfSSH 1.4.4 或在此处应用来自 github 的更改 (https://github.com/wolfSSL/wolfssh/pull/213) 时此问题会消失。

问候,
雅各布

关于c - 无法使用 wolfssh 库与 Cisco IOS 设备建立 ssh 连接,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/61776963/

上一篇:grails - 如何将相同的值传递给Grails中的每个 View

下一篇:grails - Grails/Groovy编译器错误之谜

相关文章:

linux - 用于在远程计算机上的日志文件中搜索字符串并复制匹配文本的脚本

bash - 在某些情况下,grep的结果与预期不符

visual-studio-2017 - 类库(.Net Core)”在 Visual Studio 2017 上不可用

c - UDP 客户端未收到 UDP 服务器消息

c - 使用 GNU Autotools 获取 GCC 包含路径

c - printf ("\%d ",&t); 有什么区别?和 printf ("%d ",t);

wcf - 如何在 Visual Studio 2017 中创建 WCF 服务库项目?

c - 变量初始化和指针段错误

go - 使用 GO 进行 SSH 反向隧道

c++ - 书中的示例无法编译,将 ifstream 转换为 bool

©2024 IT工具网  联系我们