
Trying to connect to a Cisco IOS device using the wolfSSH library.

Below is the code snippet used to connect:

    WOLFSSH_CTX* ctx = NULL;
    WOLFSSH* ssh = NULL;
    SOCKET_T sockFd = WOLFSSH_SOCKET_INVALID;
    SOCKADDR_IN_T clientAddr;
    socklen_t clientAddrSz = sizeof(clientAddr);
    char rxBuf[80];
    int ret;
    int ch;
    word16 port = 22;
    const char* host = "xx.xx.xx.xx";
    const char* username = "wwww";
    const char* password = "wwww";
    const char* cmd = "sh clock";

    wolfSSH_Debugging_ON();

    WSTARTTCP();
    wolfSSH_Init();

    ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL);
    if (ctx == NULL)
        err_sys("Couldn't create wolfSSH client context.");

    wolfSSH_SetUserAuth(ctx, wsUserAuth);

    ssh = wolfSSH_new(ctx);
    if ( ssh == NULL ) {
        err_sys("Failed to create SSH");
    }

    wolfSSH_SetUserAuthCtx(ssh, (void*)password);

    ret = wolfSSH_SetUsername(ssh, username);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the username.");

    build_addr(&clientAddr, (char *)host, port);
    tcp_socket(&sockFd);
    ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
    if (ret != 0) {
        err_sys("Couldn't connect to server.");
    }
    else {
        cout << "Connected to "<<host<<endl;
    }

    ret = wolfSSH_set_fd(ssh, (int)sockFd);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the session's socket.");



    ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        NULL, 0);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't set the channel type.");

    ret = wolfSSH_connect(ssh);
    if (ret != WS_SUCCESS)
        err_sys("Couldn't connect ssh.");

But I end up with the following error log and cannot proceed. The error occurs in wolfSSH_connect(ssh).

2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_Init()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-13 07:01:55 [DEBUG] Entering CtxInit()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 00000072FB1E7D80
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_new()
2020-05-13 07:01:55 [DEBUG] Entering SshInit()
2020-05-13 07:01:55 [DEBUG] Entering HandshakeInfoNew()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_new(), ssh = 00000072FB1E93E0
Connected to xx.xx.xx.xx
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_set_fd()
2020-05-13 07:01:55 [DEBUG] No subsystem name or name was too large
2020-05-13 07:02:04 [DEBUG] Entering wolfSSH_connect()
2020-05-13 07:02:30 [DEBUG] SSH-2.0-wolfSSHv1.4.3

2020-05-13 07:02:30 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-13 07:02:30 [DEBUG] Embed Send trying to send 23
2020-05-13 07:02:30 [DEBUG] Embed Send sent 23
2020-05-13 07:02:30 [DEBUG] SB: Shrinking output buffer
2020-05-13 07:02:30 [DEBUG] Entering ShrinkBuffer()
2020-05-13 07:02:30 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-13 07:02:30 [DEBUG] SB: releasing dynamic buffer
2020-05-13 07:02:30 [DEBUG] Leaving ShrinkBuffer()
2020-05-13 07:02:34 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-13 07:02:41 [DEBUG] Receive: recvd = 255
2020-05-13 07:03:30 [DEBUG] get input text failed
2020-05-13 07:03:35 [DEBUG] connect error: CLIENT_VERSION_SENT, -1013

Update

Tried the same code with wolfSSH 1.4.4 (the current version from GitHub) and it made some progress with the SSH connection. But it crashed in rsa.c at XMEMSET...

    int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
    {
        int ret = 0;

        if (key == NULL) {
            return BAD_FUNC_ARG;
        }

        XMEMSET(key, 0, sizeof(RsaKey));

Below is the error log.

2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_Init()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-15 05:51:28 [DEBUG] Entering CtxInit()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 000000AFC91FDFD0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_new()
2020-05-15 05:51:28 [DEBUG] Entering SshInit()
2020-05-15 05:51:28 [DEBUG] Entering HandshakeInfoNew()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_new(), ssh = 000000AFC91FE050
Connected to xx.xx.xx.xx
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_set_fd()
2020-05-15 05:51:32 [DEBUG] No subsystem name or name was too large
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_connect()
2020-05-15 05:51:38 [DEBUG] SSH-2.0-wolfSSHv1.4.4

2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 23
2020-05-15 05:51:38 [DEBUG] Embed Send sent 23
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 255
2020-05-15 05:51:38 [DEBUG] Checking for old version of protocol exchange
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 236, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_VERSION_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 4
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 376
2020-05-15 05:51:38 [DEBUG] Embed Send sent 376
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXINIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 312
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 76
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 312
2020-05-15 05:51:38 [DEBUG] VM: seq = 0
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 0
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXINIT
2020-05-15 05:51:38 [DEBUG] Entering DoKexInit()
2020-05-15 05:51:38 [DEBUG] DKI: KEX Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = diffie-hellman-group14-sha1
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Server Host Key Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = ssh-rsa
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Client to Server
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Server to Client
2020-05-15 05:51:38 [DEBUG] DKI: KEX Packet Follows
2020-05-15 05:51:38 [DEBUG] DKI: For Future Use
2020-05-15 05:51:38 [DEBUG] Leaving DoKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] PR3: peerMacSz = 0
2020-05-15 05:51:38 [DEBUG] PR4: Shrinking input buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 1
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] PR5: txCount = 376, rxCount = 312
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_KEXINIT_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexDhInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 5
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 272
2020-05-15 05:51:38 [DEBUG] Embed Send sent 272
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexDhInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXDH_INIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 832
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 824
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 832
2020-05-15 05:51:38 [DEBUG] VM: seq = 1
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 1
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXDH_REPLY
2020-05-15 05:51:38 [DEBUG] Entering DoKexDhReply()
2020-05-15 05:51:38 [DEBUG] DKDR: no public key check callback, accepted

Below is the log from PuTTY, which connects to the same IOS device.

2020-05-15 19:53:37 Connecting to xx.xx.x.x port 22
2020-05-15 19:53:37 We claim version: SSH-2.0-PuTTY_Release_0.70
2020-05-15 19:53:38 Server version: SSH-2.0-Cisco-1.25
2020-05-15 19:53:38 We believe remote version has SSH-1 ignore bug
2020-05-15 19:53:38 We believe remote version needs a plain SSH-1 password
2020-05-15 19:53:38 We believe remote version can't handle SSH-1 RSA authentication
2020-05-15 19:53:38 Using SSH protocol version 2
2020-05-15 19:53:38 Doing Diffie-Hellman group exchange
2020-05-15 19:53:38 Doing Diffie-Hellman key exchange with hash SHA-1
2020-05-15 19:53:39 Host key fingerprint is:
2020-05-15 19:53:39 ssh-rsa 2048 7c:23:fc:cf:17:2a:9e:6b:38:d8:03:21:67:0f:b4:c3
2020-05-15 19:53:39 Initialised AES-256 SDCTR client->server encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 client->server MAC algorithm
2020-05-15 19:53:39 Initialised AES-256 SDCTR server->client encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 server->client MAC algorithm

1 Answer


There are a few things to check.

The first is that wolfSSH_SetChannelType should take the command and the command length as its last two arguments.

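    /* Pass the command bytes and their length. cmd is a pointer, so
       sizeof(cmd) would give the pointer size; use strlen (<string.h>). */
    ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        (byte*)cmd, (word32)strlen(cmd));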

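That is probably just a typo though, and I would expect it to get further into the connection and hit a different error, such as -1009, so it is not the main issue here.

The second thing to check is the SSH version supported by the Cisco IOS device. If it is using an older version of SSH, that could cause the version error listed.

The third thing, and the one most likely to help here: if this is the wolfSSH 1.4.3 release bundle, it has a strict requirement that the protocol exchange message end with "\r\n" per the RFC. This was updated in wolfSSH version 1.4.4 to be more lenient and allow a protocol exchange that ends with just "\n". Looking at the debug log provided, I suspect the issue will go away when updating to wolfSSH 1.4.4 or applying the changes from GitHub here (https://github.com/wolfSSL/wolfssh/pull/213).

Regards, Jacob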

Answered 2020-05-14T16:13:12.840
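The strict and lenient handling of the identification line described in the answer's third point, as an added example that is not part of the original answer and is not wolfSSH's own code. It is a small C parser for the RFC 4253 identification line; the function name, error codes and sample bytes are constructed for illustration, and the bare "\n" ending on the Cisco banner is an assumption.

```c
#include <stddef.h>
#include <string.h>

#define IDENT_MAX 255   /* RFC 4253 4.2: max line length, CR LF included */
enum { IDENT_OK = 0, IDENT_INCOMPLETE = -1, IDENT_BAD_EOL = -2,
       IDENT_TOO_LONG = -3, IDENT_BAD_VERSION = -4 };

/* Constructed sample: the banner text from the PuTTY log above, with a
 * bare LF line ending assumed for illustration. */
static const unsigned char SAMPLE_LF[] = "SSH-2.0-Cisco-1.25\n";

/* Find the peer's "SSH-" identification line in buf[0..len) and copy it,
 * without its line ending, into out. strict != 0 demands CR LF; strict == 0
 * also accepts a bare LF. Lines sent before the identification line are
 * skipped, since RFC 4253 4.2 allows a server to send them. */
int parse_ssh_ident(const unsigned char *buf, size_t len, int strict,
                    char *out, size_t outSz)
{
    size_t start = 0;

    while (start < len) {
        const unsigned char *lf = memchr(buf + start, '\n', len - start);
        size_t lineSz, bodySz;
        if (lf == NULL)   /* no terminator yet: need more bytes, or reject */
            return (len - start > IDENT_MAX) ? IDENT_TOO_LONG
                                              : IDENT_INCOMPLETE;
        lineSz = (size_t)(lf - (buf + start)) + 1;   /* includes the LF */
        if (lineSz > IDENT_MAX)
            return IDENT_TOO_LONG;

        if (lineSz >= 4 && memcmp(buf + start, "SSH-", 4) == 0) {
            int hasCr = lineSz >= 2 && lf[-1] == '\r';
            if (strict && !hasCr)
                return IDENT_BAD_EOL;
            bodySz = lineSz - 1 - (hasCr ? 1 : 0);
            /* Only protocol 2.0, or 1.99 (2.0 with SSH-1 compatibility). */
            if (!((bodySz >= 8 && memcmp(buf + start + 4, "2.0-", 4) == 0) ||
                  (bodySz >= 9 && memcmp(buf + start + 4, "1.99-", 5) == 0)))
                return IDENT_BAD_VERSION;
            if (bodySz + 1 > outSz)   /* caller's buffer is too small */
                return IDENT_TOO_LONG;
            memcpy(out, buf + start, bodySz);
            out[bodySz] = '\0';
            return IDENT_OK;
        }
        start += lineSz;   /* pre-banner text: skip to the next line */
    }
    return IDENT_INCOMPLETE;
}
```

The lenient mode relaxes only the line ending; the 255-byte cap and the protocol version check apply in both modes.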