[squeak-dev] Cryptography - Problem with SSH client

Rob Withers reefedjib at gmail.com
Thu Oct 7 22:51:26 UTC 2010


Hi Guido,

I wrote the SSH code 3-4 years ago.  I got it working with some Linux boxes.  The problem you are describing is at the heart of authentication.  It is hashing some security parameters and then rehashing that hash and signing it with the private key.  This happens on your server.  Then the client will also hash the security parameters and then rehash that hash and verify signature with the server generated signature and the public key.  This is the point that is failing.  The problems could be transmission of security params, changes to hashing in cryptography code in squeak (don't think this has happened), bad public key, perhaps something else.  

Can you connect to a different SSH server?

Can you provide me the credentials to connect to your server so I can walk the code?  reefedjib at gmail.com, replace the at with @.

Here is the code that builds the exchangeHash:

computeExchangeHashWithSecurityParams: securityParams

 securityParams exchangeHash: (SHA1 hashMessage: (
  (SSHBinaryMessage new stringOn: securityParams clientIdentification asByteArray),
  (SSHBinaryMessage new stringOn: securityParams serverIdentification asByteArray),
  (SSHBinaryMessage new stringOn: securityParams clientKeyInit asByteArray),
  (SSHBinaryMessage new stringOn: securityParams serverKeyInit asByteArray),
  (SSHBinaryMessage new stringOn: securityParams hostPublicKey asSshByteArray),
  (SSHBinaryMessage new mpintOn: self e),
  (SSHBinaryMessage new mpintOn: self f),
  (SSHBinaryMessage new mpintOn: securityParams secretKey))).
 securityParams sessionIdentifier isNil 
  ifTrue: [securityParams sessionIdentifier: securityParams exchangeHash].

Regards,
Rob


From: Guido Chari 
Sent: Thursday, October 07, 2010 11:06 AM
To: The general-purpose Squeak developers list 
Subject: [squeak-dev] Cryptography - Problem with SSH client


I'm having some problems connecting to an SSH server from Squeak. The server is in my localhost and i test it with a unix ssh client with no problems.
However, when i tried to connect from Squeak i received an error ("bad signature") on SSHDHGroup1KeyExchangeProcessor>>processServerDHReplyMsg:securityParams: method on the key exchange phase of the algorithm.


Does anybody use the SSH client from the cryptography package? What should be the error?


Cheers,
Guido.


--------------------------------------------------------------------------------


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20101007/18fc2d66/attachment.htm


More information about the Squeak-dev mailing list