VKontakte.DJ
forum traveling
 

Celestial Software

...better by design

Home Support SSH Client Forums
Welcome, Guest
Please Login or Register.    Lost Password?
ssh1 works to a cisco, ssh2 does not (2 viewing) (2) Guests
Go to bottom Favoured: 0
TOPIC: ssh1 works to a cisco, ssh2 does not
#1885
ssh1 works to a cisco, ssh2 does not 15 Years, 6 Months ago  
I can't connect to some Cisco switches with SSH2. SSH1 works, a co-worker can get to the same switches with AT using SSH2. Is there some connection debugging I can do in AT?

I can connect once to the switches with SSH2, accept and save the key, but the next connection attempt fails.

[ September 19, 2008, 07:50 AM: Message edited by: Brian T. Pence ]
jcfranklin (User)
Fresh Boarder
Posts: 3
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#1886
Re: ssh1 works to a cisco, ssh2 does not 15 Years, 6 Months ago  
What version of AT are you using?
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#1887
Re: ssh1 works to a cisco, ssh2 does not 15 Years, 6 Months ago  
6.28
I did some debugging on the Cisco side and it looks like after the Cisco sends it's SSH ID, AT never sends a response with version info.
jcfranklin (User)
Fresh Boarder
Posts: 3
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#1888
Re: ssh1 works to a cisco, ssh2 does not 15 Years, 6 Months ago  
Can you try the version 7 beta? This sounds familiar.

http://www.celestialsoftware.net/telnet/...teTelnet7.13RC12.exe
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#1889
Re: ssh1 works to a cisco, ssh2 does not 15 Years, 6 Months ago  
I will! I will let you know Monday how it turns out.
jcfranklin (User)
Fresh Boarder
Posts: 3
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#1890
Re: ssh1 works to a cisco, ssh2 does not 15 Years, 5 Months ago  
Did you ever get a chance to try version 7?

The current beta can be found here:

http://www.celestialsoftware.net/telnet/...teTelnet7.13RC18.exe
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#2290
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
LOOOONG time no talk.
SSH2 has been working, and I upgraded my router. I am on 7.21 and now SSHv2 does not work, but it seems to bee just on my router. It appears to work on other devices, Cisco and non-cisco. The same thing is happening as before, it looks like the Cisco router sends it's ssh server string and AT is not responding.
ChrisFranklin (User)
Fresh Boarder
Posts: 7
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#2291
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
Hello Chris!

Is there any chance I can access this router from the internet? Or, perhaps a different router of the same type that exhibits the same problem? I don't need username/password or anything, just the IP address.

Brian
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#2298
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
99.175.228.89
right now it is configured for SSH v2 only.
ChrisFranklin (User)
Fresh Boarder
Posts: 7
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#2299
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
Chris,

I think I have the answer to this... I believe I'd classify this as a bug in the SSH server implementation, but probably one that can be worked around.

At the beginning of the SSH2 exchange, the client and server exchange a version string. According to RFC4253, an SSH2 server should send (and expect to receive) a carriage return/linefeed pair to define the end of the string. In SSH1, the version string would just be terminated by a linefeed alone.

If Absolute sends a CR/LF pair to terminate the version string (ssh2 behavior). the connection gets nowhere. If I send a single linefeed instead (ssh1 behavior), the connection works fine. This tells me that the server is relying on SSH1 behavior and breaks when held strictly to SSH2 RFC4253 standards.

With this in mind, I modified the AbsoluteTelnet logic a bit. I first watch for the server version string to arrive. I check to see whether the server uses CR/LF or just LF to terminate the version string. Whatever the server uses for the terminator is what Absolute will use when sending its own version string.

This seems to work well for the Cisco and doesn't break compatibility on any other server I've tested.

Give it a try here:

www.celestialsoftware.net/telnet/AbsoluteTelnet7.54RC13.exe


Let me know how it goes!

Brian
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#2300
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
Works Like a champ!

My turn:
the SSH server ID on Cisco gear that was working is:
SSH-1.99-Cisco-1.25

The server ID on the ones that did not work:
SSH-2.0-Cisco-1.25

I hope this helps in any future builds.

Once again, AT Is the BEST Telnet, SSH, Direct serial, SFTP client I have ever used!

Great job!
ChrisFranklin (User)
Fresh Boarder
Posts: 7
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#2301
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
The cisco software version is 1.25 on both. The "1.99" indicates a server running in compatibility mode for both v1 and v2 clients. The "2.0" server is configured only to accept connections from v2 clients.

Funny, though, that the server declares itself as a 2.0 server, but only works with line-termination of SSH1.

I wish I could see the source code.

Grian
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#2302
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
the version of IOS I am running on that router is REALLY buggy.
I am willing to bet a nickel's worth of bits that someone typo-ed and did not do very good regression testing.

MMMMM, good QA.
ChrisFranklin (User)
Fresh Boarder
Posts: 7
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#2303
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
Is it an old version or something fairly recent?

Brian
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#2304
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
It was released in Feb. of '09.

I am going to try a new version of older code tonight - I will backrev from 12.4(20)T2 to 12.4(15)T9 from April of '09.
ChrisFranklin (User)
Fresh Boarder
Posts: 7
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#2306
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
the new IOS is running - you want to give it a try? It is showing "SSH-2.0-Cisco-1.25"

I bet there is no difference.
ChrisFranklin (User)
Fresh Boarder
Posts: 7
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
#2307
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
Seems I can connect now with any version of Absolute.
bpence (Admin)
Admin
Posts: 1404
graph
User Offline Click here to see the profile of this user
Logged Logged  
 
Brian Pence
Celestial Software
SSH , SFTP, and Telnet in a tabbed interface for Windows XP, Vista, Mobile, and others
 
The administrator has disabled public write access.  
#2309
Re:ssh1 works to a cisco, ssh2 does not 14 Years, 10 Months ago  
too funny. or sad. I am not sure.

I expected a little better QA from them.

What do I owe you for the lost bet? :lol:
ChrisFranklin (User)
Fresh Boarder
Posts: 7
graphgraph
User Offline Click here to see the profile of this user
Logged Logged  
 
The administrator has disabled public write access.  
Go to top