Hi Guido,
Did you not receive this reply
yesterday?
I would further add that perhaps there is a way to
make the unix SSH you are using be in verbose mode so you can see what Hash
algorithm it uses to sign.
Rob
Sent: Thursday, October 07, 2010 6:51 PM
Subject: Re: [squeak-dev] Cryptography - Problem with SSH
client
Hi Guido,
I wrote the SSH code 3-4 years ago. I got it
working with some Linux boxes. The problem you are describing is at the
heart of authentication. It is hashing some security parameters and then
rehashing that hash and signing it with the private key. This happens on
your server. Then the client will also hash the security parameters
and then rehash that hash and verify signature with the server generated
signature and the public key. This is the point that is failing. The
problems could be transmission of security params, changes to hashing in
cryptography code in squeak (don't think this has happened), bad public key,
perhaps something else.
Can you connect to a different SSH
server?
Can you provide me the credentials to connect to
your server so I can walk the code? reefedjib at gmail.com, replace the at
with @.
Here is the code that builds the
exchangeHash:
computeExchangeHashWithSecurityParams: securityParams
securityParams
exchangeHash: (SHA1 hashMessage: (
(SSHBinaryMessage new
stringOn: securityParams clientIdentification
asByteArray),
(SSHBinaryMessage new stringOn: securityParams
serverIdentification asByteArray),
(SSHBinaryMessage new
stringOn: securityParams clientKeyInit
asByteArray),
(SSHBinaryMessage new stringOn: securityParams
serverKeyInit asByteArray),
(SSHBinaryMessage new stringOn:
securityParams hostPublicKey asSshByteArray),
(SSHBinaryMessage
new mpintOn: self e),
(SSHBinaryMessage new mpintOn: self
f),
(SSHBinaryMessage new mpintOn: securityParams
secretKey))).
securityParams sessionIdentifier isNil
ifTrue: [securityParams sessionIdentifier: securityParams
exchangeHash].
Regards,
Rob
Sent: Thursday, October 07, 2010 11:06 AM
Subject: [squeak-dev] Cryptography - Problem with SSH
client
I'm having some problems connecting to an SSH server from Squeak. The
server is in my localhost and i test it with a unix ssh client with no
problems.
However, when i tried to connect from Squeak i received an error ("bad
signature") on
SSHDHGroup1KeyExchangeProcessor>>processServerDHReplyMsg:securityParams:
method on the key exchange phase of the algorithm.
Does anybody use the SSH client from the cryptography package? What should
be the error?
Cheers,
Guido.