EldoS | Feel safer!

Software components for data protection, secure storage and transfer

114 error appear in the second authentication.

#33910
Posted: 07/06/2015 23:00:35
by gwihwan ji (Basic support level)
Joined: 06/29/2015
Posts: 6

I have been using version 9.
We will buy version 12.
1.
We receive two authentication requests in SSH.
Error 114 appears in the second authentication.
Has this issue been resolved in version 12?

2.
Also, there is a problem changing the size.
With the following functions, the application fails.
Is this problem possible in version 12?
--------------------------------------------------------------
SecureBlackBox 9 - SSH

Code
private SBSimpleSSH.TElSimpleSSHClient client = new TElSimpleSSHClient();
.
.
.
client.TerminalInfo.BeginUpdate();

client.TerminalInfo.Rows = iRow;
client.TerminalInfo.Cols = iCol;
client.TerminalInfo.EndUpdate();
-----------------------------------------------------

Client Emulator Windows Resize - fail
Please tell me how to resolve.
#33911
Posted: 07/07/2015 00:43:15
by Eugene Mayevski (EldoS Corp.)

Quote
wlrnlghks wrote:
We shall receive twice authentication in SSH. 114 error appear in the second authentication. In version 12 this issue has been resolved?


What do you mean by "second authentication"? Do you authenticate successfully once, then logout/disconnect, then try to reconnect and get the error?

Quote
wlrnlghks wrote:
and, There is a problem to change size.


You asked this question in a separate topic. Please don't repost the question and keep topics separate. If you have anything to clarify, you are welcome to do this in the previous topic.


Sincerely yours
Eugene Mayevski
#33919
Posted: 07/07/2015 08:08:48
by gwihwan ji (Basic support level)
Joined: 06/29/2015
Posts: 6

1.
"First device" authentication: ID/PW authentication of the first piece of equipment
"Second device" authentication: ID/PW authentication of a second device connected to the first device
After authenticating to the first device (switch), we connect to a second device that is connected to that device (switch), and we must control the second device.
So we require two authentications.

2. ok, sorry.
#33925
Posted: 07/07/2015 10:36:55
by Eugene Mayevski (EldoS Corp.)

Do you need to connect in this way:

C ==ssh==> server1 ==ssh==> server2 ?

In this situation everything depends on how SSH tunnels are built, i.e. whether you open shell tunnel to server1 or you have port forwarding on server1.

It would be easier to understand the problem if we saw either a sample project, or better yet a scheme that shows the expected data flow.


Sincerely yours
Eugene Mayevski
#33942
Posted: 07/08/2015 05:04:38
by gwihwan ji (Basic support level)
Joined: 06/29/2015
Posts: 6

We connect to various servers (network equipment, Unix servers, Linux servers), numbered port #2001, #2002, …, through a MUX.

When we connect to the #2001 server through the MUX using "PuTTY", we are asked to key in an ID/PW.
After keying in the right ID/PW, we get another request to key in an ID/PW for the #2001 server.

But after we key in the ID/PW for #2001, the system displays error code 114.

Please advise us how to resolve this problem.


Code
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Threading;
using System.IO;

using SBSSHTerm;
using SBSimpleSSH;
using SBSSHClient;
using SBSSHConstants;
using SBSSHCommon;
using SBSSHKeyStorage;
using SBUtils;

namespace CISCORP.SOCKS5
{
    public class clsSBClient
    {
        public delegate void OnAuthenticationDelegate(bool bSucess, string aFailMsg);
        public event OnAuthenticationDelegate OnAuthentication;

        public delegate void OnCloseConnectionDelegate();
        public event OnCloseConnectionDelegate OnCloseConnection;
        
        public delegate void OnDataReceiveDelegate(byte[] aRcvByte);
        public event OnDataReceiveDelegate OnDataReceive;

        public delegate void OnErrorDelegate(string aMsg);
        public event OnErrorDelegate OnError;

        public delegate void OnKeyboardInterDelegate(string aPrompt);
        public event OnKeyboardInterDelegate OnKeyboardInter;

        private int iSSH_Port = 22;
        private SBSimpleSSH.TElSimpleSSHClient client = new TElSimpleSSHClient();
        private TElSSHMemoryKeyStorage KeyStorage;

        string mPassword = string.Empty;

        public clsSBClient(int iPort)
        {
            iSSH_Port = iPort;
            Initialize();

            KeyStorage = new TElSSHMemoryKeyStorage(client);
            client.KeyStorage = KeyStorage;
            client.TerminalInfo = new TElTerminalInfo(client);
            client.TerminalInfo.SetTerminalType("xterm");
        }

        private void Initialize()
        {
            SBUtils.Unit.SetLicenseKey("62B3...DD7B");

            this.client.Address = "";
            this.client.AuthAttempts = 1;
            this.client.AuthenticationTypes = 20;
            this.client.AutoAdjustCiphers = true;
            this.client.CertAuthMode = SBSSHClient.TSBSSHCertAuthMode.camAuto;
            this.client.ClientHostname = "";
            this.client.ClientUsername = "";
            this.client.Command = "";
            this.client.CompressionLevel = 6;
            this.client.CryptoProviderManager = null;
            this.client.DefaultWindowSize = 2048000;
            this.client.ForceCompression = false;
            this.client.GSSDelegateCredentials = false;
            this.client.GSSHostName = null;
            this.client.GSSMechanism = null;
            this.client.IncomingSpeedLimit = 0;
            this.client.KeyStorage = null;
            this.client.LocalAddress = null;
            this.client.LocalPort = 0;
            this.client.MinWindowSize = 2048;
            this.client.OutgoingSpeedLimit = 0;
            this.client.Password = "";
            this.client.Port = 22;
            this.client.RequestPasswordChange = false;
            this.client.RequestTerminal = false;
            //this.client.SocketTimeout = 0;
            this.client.SocksAuthentication = 0;
            this.client.SocksPassword = null;
            this.client.SocksPort = 0;
            this.client.SocksResolveAddress = false;
            this.client.SocksServer = null;
            this.client.SocksUseIPv6 = false;
            this.client.SocksUserCode = null;
            this.client.SocksVersion = 0;
            this.client.SoftwareName = "EldoS.SSHBlackbox.9";
            this.client.SSHAuthOrder = SBSSHCommon.TSBSSHAuthOrder.aoDefault;
            this.client.Subsystem = null;
            this.client.Tag = null;
            this.client.TerminalInfo = null;
            this.client.TrustedKeys = null;
            this.client.UseInternalSocket = true;
            this.client.UseIPv6 = false;
            this.client.Username = "";
            this.client.UseSocks = false;
            this.client.UseUTF8 = false;
            this.client.UseWebTunneling = false;
            this.client.Versions = ((short)(0));
            this.client.WebTunnelAddress = null;
            this.client.WebTunnelAuthentication = 0;
            this.client.WebTunnelPassword = null;
            this.client.WebTunnelPort = 0;
            this.client.WebTunnelUserId = null;
            this.client.OnAuthenticationFailed += new SBSSHCommon.TSSHAuthenticationFailedEvent(this.client_OnAuthenticationFailed);
            this.client.OnKeyValidate += new SBSSHCommon.TSSHKeyValidateEvent(this.client_OnKeyValidate);
            this.client.OnAuthenticationKeyboard += new SBSSHCommon.TSSHAuthenticationKeyboardEvent(this.client_OnAuthenticationKeyboard);
            this.client.OnBanner += new SBSSHCommon.TSSHBannerEvent(this.client_OnBanner);
            this.client.OnCloseConnection += new SBSSHCommon.TSSHCloseConnectionEvent(this.client_OnCloseConnection);
            this.client.OnAuthenticationSuccess += new SBUtils.TNotifyEvent(this.client_OnAuthenticationSuccess);
            this.client.OnError += new SBSSHCommon.TSSHErrorEvent(this.client_OnError);
        }

        public void Dispose()
        {
            try
            {
                KeyStorage.Clear();
                KeyStorage.Dispose();
                if (client != null)
                {
                    if (client.Active)
                        client.Close(true);
                    client.Dispose();
                }
            }
            catch { }
        }

        

        public bool Connected
        {
            get { return client.Active; }
        }

        public string Connect(string aTargetServer, string aUserName, string aPassword)
        {
            if (client.Active)
                return "Already connected";


            client.Address = aTargetServer.Trim();
            client.Port = iSSH_Port;

            client.Username = aUserName;
            client.Password = aPassword;

            mPassword = aPassword;

            client.Versions = 0;
            client.Versions += SBSSHCommon.Unit.sbSSH2;

            client.ForceCompression = false;            
            
            KeyStorage.Clear();

            // client.ForceCompression = dlg.cbCompress.Checked;
            // client.AuthenticationTypes = client.AuthenticationTypes | SBSSHConstants.Unit.SSH2_AUTH_STATE_PASSWORD; // SSH_AUTH_TYPE_PASSWORD;

            //SBSSHConstants.Unit.ERROR_SSH_NO_MORE_AUTH_METHODS_AVAILABLE

            client.AuthenticationTypes = client.AuthenticationTypes & (~SBSSHConstants.Unit.SSH2_AUTH_STATE_PASSWORD);

            try
            {
                client.Open();

                ThreadPool.QueueUserWorkItem(new WaitCallback(ServerReceive));  // Periodically check the connection status
                return string.Empty;
            }
            catch (Exception e)
            {
                try
                {
                    client.Close(true);
                }
                catch
                {
                }
                return e.ToString();
            }                
        }

        public void Disconnect()
        {
            if (client.Active)
            {
                client.Close(true);
            }
        }


        public void ServerSend(string Data)
        {
            try
            {
                byte[] encoded = System.Text.Encoding.UTF8.GetBytes(Data);
                if (client.Active)
                {
                    // byte[] encoded = System.Text.Encoding.UTF8.GetBytes(Data + "\x0d\x0a");  // "\x0d\x0a" is \r\n
                    client.SendData(encoded, encoded.Length);
                }
            }
            catch
            { }
        }

        public void ServerSend(byte[] SendByte)
        {
            try
            {
                if (client.Active)
                {
                    client.SendData(SendByte, SendByte.Length);
                }
            }
            catch
            { }
        }

        public void ServerSend(byte[] SendByte, int iCnt)
        {
            try
            {
                if (client.Active)
                {
                    client.SendData(SendByte, iCnt);
                }
            }
            catch
            { }
        }

        private void ServerReceive(object _object)
        {
            bool canRecv = true;
            byte[] data = new byte[65280];
            byte[] dataErr = new byte[65280];
            int dataLen, dataErrLen;

            try
            {
                byte[] aRcvByte;
                while (client.Active)  //canRecv &&
                {
                    try
                    {
                        canRecv = client.CanReceive(0);
                    }
                    catch
                    {
                        canRecv = false;
                    }

                    if (canRecv)
                    {
                        try
                        {
                            dataLen = data.Length;
                            dataErrLen = dataErr.Length;
                            client.ReceiveData(ref data, ref dataLen, ref dataErr, ref dataErrLen);
                            using (MemoryStream ms = new MemoryStream())
                            {
                                ms.Write(data, 0, dataLen);
                                ms.Position = 0;
                                aRcvByte = ms.ToArray();
                                //if (aRcvByte.Length > 5)
                                //{
                                //    if (!Encoding.UTF8.GetString(aRcvByte, 0, 5).Contains("\"^[[8"))
                                //        OnDataReceive(aRcvByte);
                                //}
                                //else
                                OnDataReceive(aRcvByte);
                            }
                            //tbView.Text = tbView.Text + System.Text.Encoding.UTF8.GetString(data, 0, dataLen);
                        }
                        catch
                        {
                            canRecv = false;
                        }
                    }
                    else
                        Thread.Sleep(100);
                }
            }
            catch (Exception e)
            {
                OnError("ServerReceive error " + e.ToString());
            }
        }

        /// <summary>
        /// Authentication failed
        /// </summary>
        /// <param name="Sender"></param>
        /// <param name="AuthenticationType"></param>
        private void client_OnAuthenticationFailed(object Sender, int AuthenticationType)
        {
            OnAuthentication(false, AuthenticationType.ToString());
        }

        private void client_OnAuthenticationSuccess(object Sender)
        {
            OnAuthentication(true, string.Empty);
        }

        private void client_OnCloseConnection(object Sender)
        {
            OnCloseConnection();
        }

        private void client_OnError(object Sender, int ErrorCode)
        {
            OnError("SSH ERROR:" + ErrorCode.ToString());
        }

        private void client_OnKeyValidate(object Sender, SBSSHKeyStorage.TElSSHKey ServerKey, ref bool Validate)
        {
            //Log("Server key received, fingerprint " + SBUtils.Unit.DigestToStr128(ServerKey.FingerprintMD5, true), false);
            SBUtils.Unit.DigestToStr128(ServerKey.FingerprintMD5, true);
            Validate = true; // NEVER do this. You MUST check the key validity somehow
        }

        private void client_OnAuthenticationKeyboard(object Sender, SBStringList.TElStringList Prompts, bool[] Echo, SBStringList.TElStringList Responses)
        {
            Responses.Clear();            

            string Response = "";
            for (int i = 0; i < Prompts.Count; i++)
            {
                Response += Prompts[i] + " ";
            }

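            // Every keyboard-interactive prompt set is answered with the stored password.
            Responses.Add(mPassword);

            // Caution: this passes the plaintext password to every OnKeyboardInter subscriber.
            OnKeyboardInter(Response + ":" + mPassword);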
        }

        private void client_OnBanner(object Sender, byte[] Text, byte[] Language)
        {
            // throw new ESecureBlackboxError(SBUtils.Unit.StringOfBytes(Text));
        }

        public void Window_Resize(int iRow, int iCol)
        {
            client.TerminalInfo.BeginUpdate();


            client.TerminalInfo.Rows = iRow;
            client.TerminalInfo.Cols = iCol;

            client.TerminalInfo.EndUpdate();

        }
    }
}
#33943
Posted: 07/08/2015 05:11:22
by Eugene Mayevski (EldoS Corp.)

Unfortunately I don't know how exactly your existing scheme works. What you describe ("After Key in right ID/PW, we meet another request to key in ID/PW for #2001 server") is just a visual aspect, but how does it work under the hood? I don't know.

Let's try to take another approach - can you show the command line for putty which you use to make the connection?


Sincerely yours
Eugene Mayevski
#33966
Posted: 07/09/2015 06:28:56
by gwihwan ji (Basic support level)
Joined: 06/29/2015
Posts: 6

The PuTTY connection method is shown below.

Code
login: sysadmin
password:
digi>
digi> connect 3
(Local authentication)
login: sysadmin
password:
Set escape char to ^[
Connected to port 3
[slce08c]>


------------------------------------------------Described
login: sysadmin
password:
digi> ==============> first device authentication success.

digi> connect 3 ==============> second Device authentication try.
(Local authentication)
login: sysadmin
password:
Set escape char to ^[
Connected to port 3
[slce08c]> ==============> second Device authentication Success.
#33967
Posted: 07/09/2015 07:24:54
by Eugene Mayevski (EldoS Corp.)

In your scenario you connect to the server, run the shell there, and then run the ssh client in the shell.

With TElSimpleSSHClient you need to do the same -- once you have opened the connection, you get the shell. Then you can send the command that you need ("connect 3" is probably a command line) and continue with the login. This would require passing the username and password for this connection through the opened connection using the SendData method.


Sincerely yours
Eugene Mayevski
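
The sequence described in the last reply (get the shell, send the command, then answer the inner login prompts over the same channel), as an added example that is not part of the thread or of SecureBlackBox. The `NestedLogin` class, the prompt strings (taken from the PuTTY transcript above), the `\r` terminator and the rule that a repeated `login:` prompt means rejection are assumptions; the class only produces the bytes that would be handed to `SendData`, and it answers a password prompt only in the state that follows its own login reply.

```csharp
using System;
using System.Text;
// Added example: Feed() takes bytes received from the shell and returns the bytes to send next (or null).
public sealed class NestedLogin
{
    public enum State { WaitShell, WaitLogin, WaitPassword, WaitConnected, Done, Failed }
    private readonly string command, user, password;
    private readonly StringBuilder buf = new StringBuilder();   // output seen since the last reply
    public State Current { get; private set; }
    public NestedLogin(string command, string user, string password)
    { this.command = command; this.user = user; this.password = password; Current = State.WaitShell; }

    public byte[] Feed(byte[] data, int len)
    {
        buf.Append(Encoding.ASCII.GetString(data, 0, len));     // prompts may arrive split across reads
        string seen = buf.ToString();
        switch (Current)
        {
            case State.WaitShell:    return Step(seen, "digi>", command, State.WaitLogin);
            case State.WaitLogin:    return Step(seen, "login:", user, State.WaitPassword);
            case State.WaitPassword: return Step(seen, "password:", password, State.WaitConnected);
            case State.WaitConnected:
                if (seen.Contains("Connected to port")) { Current = State.Done; buf.Clear(); }
                else if (seen.Contains("login:")) { Current = State.Failed; buf.Clear(); } // assumed: re-prompt = rejected
                return null;
            default: return null;                               // Done or Failed: never send anything more
        }
    }

    private byte[] Step(string seen, string prompt, string reply, State next)
    {
        if (!seen.TrimEnd().EndsWith(prompt, StringComparison.OrdinalIgnoreCase)) return null;
        buf.Clear();                                            // a consumed prompt cannot match a second time
        Current = next;
        return Encoding.ASCII.GetBytes(reply + "\r");           // "\r" as Enter is an assumption
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed chunks modelled on the PuTTY transcript; the password is a placeholder.
        var login = new NestedLogin("connect 3", "sysadmin", "PLACEHOLDER-PASSWORD");
        string[] chunks = { "digi> ", "connect 3\r\n(Local authentication)\r\nlogin: ", "sysadmin\r\npassword: ",
                            "\r\nSet escape char to ^[\r\nConnected to ", "port 3\r\n[slce08c]> " };
        foreach (string c in chunks)
        {
            byte[] rx = Encoding.ASCII.GetBytes(c);
            byte[] tx = login.Feed(rx, rx.Length);              // real client: if (tx != null) send tx via SendData
            Console.WriteLine("{0,-13} send {1} bytes", login.Current, tx == null ? 0 : tx.Length);
        }
    }
}
```

The demo prints only the state and the byte count, so the inner password never reaches console or log output.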

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
