Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

DEC diagnostics would run on a dead whale. -- Mel Ferentz


computers / comp.security.ssh / What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEST_FAILURE?

SubjectAuthor
* What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEPatrik Ek
`* Re: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUESimon Tatham
 `- Re: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEPatrik Ek

1
Subject: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEST_FAILURE?
From: Patrik Ek
Newsgroups: comp.security.ssh
Date: Fri, 21 Feb 2020 14:19 UTC
X-Received: by 2002:a37:9b8b:: with SMTP id d133mr33816325qke.147.1582294751260;
Fri, 21 Feb 2020 06:19:11 -0800 (PST)
X-Received: by 2002:a0c:f193:: with SMTP id m19mr29176235qvl.154.1582294751016;
Fri, 21 Feb 2020 06:19:11 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder7.news.weretis.net!news.unit0.net!feeder1.cambriumusenet.nl!feed.tweak.nl!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.security.ssh
Date: Fri, 21 Feb 2020 06:19:10 -0800 (PST)
Complaints-To: groups-abuse@google.com
Injection-Info: google-groups.googlegroups.com; posting-host=192.176.1.85; posting-account=FeMETQoAAACnHNYTA_wCzAZreuLIfH7N
NNTP-Posting-Host: 192.176.1.85
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <055a548a-e0a9-4dca-ad5a-4b60b337f3ee@googlegroups.com>
Subject: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEST_FAILURE?
From: ek.pat...@gmail.com (Patrik Ek)
Injection-Date: Fri, 21 Feb 2020 14:19:11 +0000
Content-Type: text/plain; charset="UTF-8"
View all headers
Hi,
I am currently working with apache sshd library, trying to create an SSH client. To keep the connection alive, I want to send an SSH_MSG_GLOBAL_REQUEST with a keep alive message,

50 00 00 00 15 6b 65 65 70 61 6c 69 76 65 40 6f 70 65 6e 73 73 68 2e 63 6f 6d 01
translating to
P....keepalive@openssh.com,

where P, is just ascii for 0x50, which is the ID of the SSH_MSG_GLOBAL_REQUEST https://tools.ietf.org/html/rfc4254

So the problem I have here is the reply sent from the server (netopeer-server, which uses libssh under the hood) is SSH_MSG_UNIMPLEMENTED and not SSH_MSG_REQUEST_FAILURE, as I would have expected.

So what I would need to know is, when is a server expected to send SSH_MSG_UNIMPLEMENTED and when SSH_MSG_GLOBAL_REQUEST?

BR
Patrik


Subject: Re: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEST_FAILURE?
From: Simon Tatham
Newsgroups: comp.security.ssh
Date: Fri, 21 Feb 2020 15:53 UTC
References: 1
Path: i2pn2.org!i2pn.org!paganini.bofh.team!newsfeed.xs3.de!nntp-feed.chiark.greenend.org.uk!ewrotcd!.POSTED!not-for-mail
From: ana...@pobox.com (Simon Tatham)
Newsgroups: comp.security.ssh
Subject: Re: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEST_FAILURE?
Date: 21 Feb 2020 15:53:07 +0000 (GMT)
Lines: 31
Message-ID: <lfF*48-Kx@news.chiark.greenend.org.uk>
References: <055a548a-e0a9-4dca-ad5a-4b60b337f3ee@googlegroups.com>
NNTP-Posting-Host: chiark.greenend.org.uk
X-Trace: chiark.greenend.org.uk 1582300389 10141 212.13.197.229 (21 Feb 2020 15:53:09 GMT)
X-Complaints-To: abuse@chiark.greenend.org.uk
NNTP-Posting-Date: Fri, 21 Feb 2020 15:53:09 +0000 (UTC)
X-Newsreader: trn 4.0-test77 (Sep 1, 2010)
Originator: simon@tunnel.thyestes.tartarus.org ([172.31.80.4])
View all headers
Patrik Ek  <ek.patrik@gmail.com> wrote:
So the problem I have here is the reply sent from the server
(netopeer-server, which uses libssh under the hood) is
SSH_MSG_UNIMPLEMENTED and not SSH_MSG_REQUEST_FAILURE, as I would have
expected.

Section 11.4 in RFC 4253 says that SSH_MSG_UNIMPLEMENTED is for
"unrecognized messages". That by itself is not very clear, but the
same paragraph says "Later protocol versions may define other meanings
for these *message types*" (my emphasis).

My reading of that is that SSH_MSG_UNIMPLEMENTED is supposed to mean:
"I don't even recognise the type code of this message, so I have no
idea at all what kind of reply you might want".

If an implementation understands the concept of SSH_MSG_GLOBAL_REQUEST
well enough to know how you extract the request type string, and to
know that SSH_MSG_REQUEST_FAILURE is one of the possible responses,
then it should return SSH_MSG_REQUEST_FAILURE if the particular
request type isn't one it understands (the same as it would for a
request it does understand but that failed for some other reason).

If a server were to send me SSH_MSG_UNIMPLEMENTED in response to
SSH_MSG_GLOBAL_REQUEST, I think I'd be justified in inferring that the
server doesn't even know what a global request *is*, and carefully
avoid sending any further global requests of any type whatsoever!
--
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and m)(0xb80b5dacabab6145,0xf70027d345023,0x7643bc4018957897,0x11c2e5d9951130c9
,0xa54d9cbe4e8ab,0x746c50eaa1910,      "Simon Tatham <anakin@pobox.com>"     ))


Subject: Re: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEST_FAILURE?
From: Patrik Ek
Newsgroups: comp.security.ssh
Date: Fri, 21 Feb 2020 16:09 UTC
References: 1 2
X-Received: by 2002:a37:e55:: with SMTP id 82mr35095532qko.370.1582301388096;
Fri, 21 Feb 2020 08:09:48 -0800 (PST)
X-Received: by 2002:ac8:7695:: with SMTP id g21mr29750731qtr.99.1582301387770;
Fri, 21 Feb 2020 08:09:47 -0800 (PST)
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.snarked.org!border2.nntp.dca1.giganews.com!nntp.giganews.com!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.security.ssh
Date: Fri, 21 Feb 2020 08:09:47 -0800 (PST)
In-Reply-To: <lfF*48-Kx@news.chiark.greenend.org.uk>
Complaints-To: groups-abuse@google.com
Injection-Info: google-groups.googlegroups.com; posting-host=192.176.1.85; posting-account=FeMETQoAAACnHNYTA_wCzAZreuLIfH7N
NNTP-Posting-Host: 192.176.1.85
References: <055a548a-e0a9-4dca-ad5a-4b60b337f3ee@googlegroups.com> <lfF*48-Kx@news.chiark.greenend.org.uk>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <240ae91c-91b0-4903-8b59-daa34ece391b@googlegroups.com>
Subject: Re: What is the difference between SSH_MSG_UNIMPLEMENTED and SSH_MSG_REQUEST_FAILURE?
From: ek.pat...@gmail.com (Patrik Ek)
Injection-Date: Fri, 21 Feb 2020 16:09:48 +0000
Content-Type: text/plain; charset="UTF-8"
Lines: 35
View all headers
Section 11.4 in RFC 4253 says that SSH_MSG_UNIMPLEMENTED is for
"unrecognized messages". That by itself is not very clear, but the
same paragraph says "Later protocol versions may define other meanings
for these *message types*" (my emphasis).

My reading of that is that SSH_MSG_UNIMPLEMENTED is supposed to mean:
"I don't even recognise the type code of this message, so I have no
idea at all what kind of reply you might want".

If an implementation understands the concept of SSH_MSG_GLOBAL_REQUEST
well enough to know how you extract the request type string, and to
know that SSH_MSG_REQUEST_FAILURE is one of the possible responses,
then it should return SSH_MSG_REQUEST_FAILURE if the particular
request type isn't one it understands (the same as it would for a
request it does understand but that failed for some other reason).

If a server were to send me SSH_MSG_UNIMPLEMENTED in response to
SSH_MSG_GLOBAL_REQUEST, I think I'd be justified in inferring that the
server doesn't even know what a global request *is*, and carefully
avoid sending any further global requests of any type whatsoever!
--
import hashlib; print((lambda p,q,g,y,r,s,m: (lambda w:(pow(g,int(hashlib.sha1(
m.encode('ascii')).hexdigest(),16)*w%q,p)*pow(y,r*w%q,p)%p)%q)(pow(s,q-2,q))==r
and m)(0xb80b5dacabab6145,0xf70027d345023,0x7643bc4018957897,0x11c2e5d9951130c9
,0xa54d9cbe4e8ab,0x746c50eaa1910,      "Simon Tatham <anakin@pobox.com>"     ))

Thank you Simon, this is how I have understood it as well. Further RFC 4254, section 4 https://tools.ietf.org/html/rfc4254#section-4 states,

"Note that both the client and server MAY send global requests at any time, and
 the receiver MUST respond appropriately.
....
The recipient will respond to this message with SSH_MSG_REQUEST_SUCCESS or SSH_MSG_REQUEST_FAILURE if 'want reply' is TRUE."

I interpret this as being mandatory to support the global request type, though not necessarily all global request messages. Or is you of another opinion?

debug1: Remote protocol version 2.0, remote software version libssh_0.7.5


1
rocksolid light 0.7.2
clearneti2ptor