Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/crypto/ssh: failed to connect using keyboard interactive auth method #32108

Closed
anannaya opened this issue May 17, 2019 · 6 comments
Closed

x/crypto/ssh: failed to connect using keyboard interactive auth method #32108

anannaya opened this issue May 17, 2019 · 6 comments
Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Unreleased

Comments

@anannaya
Copy link

I have enabled the Debug handshake, Could you please let me know what might be the issue.
I am able to login to the machine using normal ssh shell command with password.

2019/05/17 18:46:57 client sent *ssh.kexInitMsg &{[170 188 97 79 223 57 137 14 222 73 78 224 19 48 149 86] [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1] [ssh-rsa-cert-v01@openssh.com ssh-dss-cert-v01@openssh.com ecdsa-sha2-nistp256-cert-v01@openssh.com ecdsa-sha2-nistp384-cert-v01@openssh.com ecdsa-sha2-nistp521-cert-v01@openssh.com ssh-ed25519-cert-v01@openssh.com ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-rsa ssh-dss ssh-ed25519] [aes128-gcm@openssh.com chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr] [aes128-gcm@openssh.com chacha20-poly1305@openssh.com aes128-ctr aes192-ctr aes256-ctr] [hmac-sha2-256-etm@openssh.com hmac-sha2-256 hmac-sha1 hmac-sha1-96] [hmac-sha2-256-etm@openssh.com hmac-sha2-256 hmac-sha1 hmac-sha1-96] [none] [none] [] [] false 0} ()

2019/05/17 18:46:58 client got *ssh.kexInitMsg &{[239 73 14 155 20 205 85 206 215 60 232 230 175 253 67 21] [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group14-sha1] [ssh-rsa rsa-sha2-512 rsa-sha2-256 ecdsa-sha2-nistp256 ssh-ed25519] [aes128-gcm@openssh.com aes256-gcm@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-cbc aes256-cbc aes192-cbc] [aes128-gcm@openssh.com aes256-gcm@openssh.com aes128-ctr aes192-ctr aes256-ctr aes128-cbc aes256-cbc aes192-cbc] [hmac-sha2-512 hmac-sha2-256 hmac-sha1] [hmac-sha2-512 hmac-sha2-256 hmac-sha1] [none zlib@openssh.com] [none zlib@openssh.com] [] [] false 0} ()
2019/05/17 18:46:58 client entered key exchange
2019/05/17 18:46:58 client exited key exchange (first true), err
2019/05/17 18:46:58 client sent *ssh.serviceRequestMsg &{ssh-userauth} ()
2019/05/17 18:46:58 client got *ssh.serviceAcceptMsg &{ssh-userauth} ()
2019/05/17 18:46:58 client sent *ssh.userAuthRequestMsg &{ananayak ssh-connection none []} ()
2019/05/17 18:46:58 client got *ssh.userAuthFailureMsg &{[publickey keyboard-interactive] false} ()
2019/05/17 18:46:58 client sent *ssh.userAuthRequestMsg &{ananayak ssh-connection keyboard-interactive [0 0 0 0 0 0 0 0]} ()
2019/05/17 18:46:58 client got (ssh: parse error in message type 60)
2019/05/17 18:46:58 client sent (ssh: parse error in message type 61)
2019/05/17 18:46:59 client got (ssh: parse error in message type 60)
2019/05/17 18:46:59 client sent *ssh.userAuthGSSAPIToken &{[]} ()
2019/05/17 18:46:59 client got *ssh.userAuthFailureMsg &{[publickey keyboard-interactive] false} ()
panic: Failed to dial: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none keyboard-interactive], no supported methods remain
@gopherbot gopherbot added this to the Unreleased milestone May 17, 2019
@FiloSottile FiloSottile changed the title x/crypto: Failed to connect using keyboard interactive auth method. x/crypto/ssh: failed to connect using keyboard interactive auth method May 17, 2019
@FiloSottile FiloSottile added the WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided. label May 17, 2019
@FiloSottile
Copy link
Contributor

Can you provide the code you are trying to run?

/cc @hanwen

@anannaya
Copy link
Author

anannaya commented May 18, 2019
edited by FiloSottile

@FiloSottile

	config := &ssh.ClientConfig{
		User: "ananayak",
		Auth: []ssh.AuthMethod{
			ssh.KeyboardInteractive(func(user, instruction string, questions []string, echos []bool) ([]string, error) {
				// Just send the password back for all questions
				answers := make([]string, len(questions))
				for i, _ := range answers {
					answers[i] = "026aaa9f-01fa-0850-095c-3d3daa0a4bd3" // replace this
				}

				return answers, nil
			}),
			// ssh.Password("026aaa9f-01fa-0850-095c-3d3daa0a4bd3"),
		},
		HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error {
			return nil
		},
	}
	client, err := ssh.Dial("tcp", "my.host.com:22", config)
	if err != nil {
		panic("Failed to dial: " + err.Error())
	}
	session, err := client.NewSession()
	if err != nil {
		panic("Failed to create session: " + err.Error())
	}
	defer session.Close()
	var b bytes.Buffer

	session.Stdout = &b
	session.Run("ls")
	fmt.Println(b.String())

@FiloSottile FiloSottile added NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. and removed WaitingForInfo Issue is not actionable because of missing required information, which needs to be provided. labels May 20, 2019
@anannaya
Copy link
Author

@FiloSottile Is there anything i missed?

@anannaya anannaya mentioned this issue May 26, 2019
Open
@anannaya
Copy link
Author

@FiloSottile : Could you show me some direction or any work around ?

@hanwen
Copy link
Contributor

hanwen commented May 28, 2019

2019/05/17 18:46:58 client got (ssh: parse error in message type 60)
2019/05/17 18:46:58 client sent (ssh: parse error in message type 61)
2019/05/17 18:46:59 client got (ssh: parse error in message type 60)
2019/05/17 18:46:59 client sent *ssh.userAuthGSSAPIToken &{[]} ()

it's doing a keyboard-interactive back and forth twice (userAuthGSSAPIToken is also 61). Can you print the prompts? Maybe they give a clue to what is going on?

answers[i] = "026aaa9f-01fa-0850-095c-3d3daa0a4bd3" // replace this

I guess this was not your real password. Are you sure there aren't any chars in the password that are causing problems? ("\n" for example)

@anannaya
Copy link
Author

anannaya commented May 29, 2019
edited

@hanwen I was able to login manually using the same password. How can i print the prompts?

@anannaya anannaya closed this as completed Jun 4, 2019
@golang golang locked and limited conversation to collaborators Jun 3, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
4 participants
@hanwen @FiloSottile @gopherbot @anannaya