Beefy Boxes and Bandwidth Generously Provided by pair Networks
Problems? Is your data what you think it is?
 
PerlMonks  

Net::SSH Protocol Error

by perlssh (Initiate)
on Oct 13, 2015 at 19:56 UTC ( #1144748=perlquestion: print w/replies, xml ) Need Help??
perlssh has asked for the wisdom of the Perl Monks concerning the following question:

I upgraded my SSH Server to Openssh 7.1p1 to overcome security vulnerabilities. But now my perl scripts using Net::SSH have stopped working and they give a Protocol Error as follow:

Protocol error: expected packet type 91, got 80 at /auto/share/perl/5.8.6/lib/site_perl/5.8.6/Net/SSH/Perl/Packet.pm line 222 /

Here is the complete debug trace:
: Reading configuration data /etc/ssh_config : Allocated local port 1023. : Connecting to 10.98.109.105, port 22. : Remote version string: SSH-2.0-OpenSSH_7.1 : Remote protocol version 2.0, remote software version OpenSSH_7.1 : Net::SSH::Perl Version 1.42, protocol version 2.0. : No compat match: OpenSSH_7.1 : Connection established. : Sent key-exchange init (KEXINIT), wait response. : Algorithms, c->s: 3des-cbc hmac-sha1 none : Algorithms, s->c: 3des-cbc hmac-sha1 none : Entering Diffie-Hellman Group 1 key exchange. : Sent DH public key, waiting for reply. : Received host key, type 'ssh-rsa'. : Host '10.98.109.105' is known and matches the host key. : Computing shared secret key. : Verifying server signature. : Send NEWKEYS. : Waiting for NEWKEYS message. : Enabling encryption/MAC/compression. : Sending request for user-authentication service. : Service accepted: ssh-userauth. : Trying empty user-authentication request. : Authentication methods that can continue: publickey,password,keyboar +d-interactive. : Next method to try is publickey. : Next method to try is password. : Trying password authentication. : Login completed, opening dummy shell channel. : channel 0: new [client-session] : Requesting channel_open for channel 0. Protocol error: expected packet type 91, got 80 at /auto/share/perl/5. +8.6/lib/site_perl/5.8.6/Net/SSH/Perl/Packet.pm line 222 /

Can someone please help how to resolve this error?

Thanks!

Replies are listed 'Best First'.
Re: Net::SSH Protocol Error
by atcroft (Abbot) on Oct 13, 2015 at 21:56 UTC
Re: Net::SSH Protocol Error
by salva (Abbot) on Oct 14, 2015 at 06:10 UTC
Debugging Net::SSH Protocol Error
by cmv (Chaplain) on Oct 07, 2016 at 15:24 UTC
    Monks-

    This error has been looming for quite a while, and it has just recently hit-the-fan for me.

    If anybody has a solution, please speak up.

    I am attempting to debug, and am using this note to document my progress. Any help or suggestions is much appreciated!

    -Craig

    I am running with perl v5.8.8 built for darwin using the following:

    Module id = Net::SSH::Perl CPAN_USERID SCHWIGON (Steffen Schwigon <schwigon@cpan.org>) CPAN_VERSION 2.01 CPAN_FILE S/SC/SCHWIGON/Net-SSH-Perl-2.01.tar.gz MANPAGE Net::SSH::Perl - Perl client Interface to SSH INST_FILE /opt/exp/perl/perl5.8/lib/site_perl/5.8.8/Net/SSH/Per +l.pm INST_VERSION 1.34
    The exact error message I get is as follows:
    XS_Tk__Callback_Call error:Protocol error: expected packet type 91, go +t 80 at /opt/exp/perl/perl5.8/lib/site_perl/5.8.8/Net/SSH/Perl/Packet +.pm line 222

    Checking out Packet.pm I see line 222 in the following:

    217 sub read_expect { 218 my $class = shift; 219 my($ssh, $type) = @_; 220 my $pack = $class->read($ssh); 221 if ($pack->type != $type) { 222 $ssh->fatal_disconnect(sprintf 223 "Protocol error: expected packet type %d, got %d", 224 $type, $pack->type); 225 } 226 $pack; 227 }
    It seems that read_expect() in this case is being called from here:
    caller DUMP: $VAR1 = 'Net::SSH::Perl::SSH2'; $VAR2 = '/opt/exp/perl/perl5.8/lib/site_perl/5.8.8/Net/SSH/Perl/SSH2.p +m'; $VAR3 = 78;
    Going to SSH2.pm shows line 78 to look like this:
    65 sub login { 66 my $ssh = shift; 67 $ssh->SUPER::login(@_); 68 my $suppress_shell = $_[2]; 69 $ssh->_login or $ssh->fatal_disconnect("Permission denied"); 70 71 $ssh->debug("Login completed, opening dummy shell channel."); 72 my $cmgr = $ssh->channel_mgr; 73 my $channel = $cmgr->new_channel( 74 ctype => 'session', local_window => 0, 75 local_maxpacket => 0, remote_name => 'client-session'); 76 $channel->open; 77 78 my $packet = Net::SSH::Perl::Packet->read_expect($ssh, 79 SSH2_MSG_CHANNEL_OPEN_CONFIRMATION); 80 $cmgr->input_open_confirmation($packet); 81 82 unless ($suppress_shell) { 83 $ssh->debug("Got channel open confirmation, requesting she +ll."); 84 $channel->request("shell", 0); 85 } 86 }
    So we are in the process of logging in, and expecting to get a SSH2_MSG_CHANNEL_OPEN_CONFIRMATION (defined as 91 in constants.pm), but instead we are getting message 80, which is not defined in any of the Net:SSH:Perl code.

    Google points me here to see a list of messages and see that message 80 is:

    80 SSH_MSG_GLOBAL_REQUEST
    Okay, why the heck are we getting this message in the middle of login? More googling leads me to IETF which states:
    4. Global Requests There are several kinds of requests that affect the state of the remote end globally, independent of any channels. An example is a request to start TCP/IP forwarding for a specific port. Note that both the client and server MAY send global requests at any time, an +d the receiver MUST respond appropriately.

    Huh, interesting. I didn't know about SSH global requests, but why is it making Net::SSH::Perl barf now?

    More googling gets me to stackoverflow which seems to have a reasonable answer:

    The message 80 stands for SSH_MSG_GLOBAL_REQUEST.

    Modern versions of OpenSSH server use this generic message for various proprietary extensions of the SSH protocol.

    Most clients will/should silently ignore unrecognized messages. The SSH.NET does ignore the SSH_MSG_GLOBAL_REQUEST too, but it does not expect the message until an authentication completes.

    Unfortunately it seems that OpenSSH sends some of these (maybe the hostkeys-prove-00@openssh.com) even before the authentication.

    The problem has been fixed in SSH.NET 2016.0.0-beta1. See Issue #8.

    So it seems that a good hack might be to get Net::SSH::Perl to simply ignore all of these global requests.

    Does that sound right? Any better suggestions?

        Mr. Muskrat++

        Thanks for the pointer. You are correct - I am not on version 2.01 as I thought.

        Looking at the 2.01 code, they already have a fix in place for this issue.

        I'm glad it was fixed!

        -Craig

      Folks-

      This is a quick hack that seems to be working for me.

      Suggestions on a better one would be welcome!

      Thanks

      -Craig

      Editing .../Net/SSH/Perl/Packet.pm:

      217 sub read_expect { 218 my $class = shift; 219 my($ssh, $type) = @_; 220 my $pack = $class->read($ssh); 221 while($pack->type == 80) { # CMV Hack start vvvv 222 print STDERR "IGNORING GLOBAL MESSAGE..."; 223 $pack = $class->read($ssh); 224 print STDERR " NEXT MESSAGE IS: ", $pack->type, "\n"; 225 } # CMV Hack end ^^^^ 226 if ($pack->type != $type) { 227 $ssh->fatal_disconnect(sprintf 228 "Protocol error: expected packet type %d, got %d", 229 $type, $pack->type); 230 } 231 $pack; 232 }
Re: Net::SSH Protocol Error
by klongfel (Initiate) on Feb 19, 2016 at 18:54 UTC
    Hi, I have the same issue and have not been able to resolve it after looking at the OpenSSH links. Were you able to resolve this? If so how? Thanks, Kevin

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://1144748]
Approved by marto
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others drinking their drinks and smoking their pipes about the Monastery: (4)
As of 2019-03-25 05:29 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How do you Carpe diem?





    Results (115 votes). Check out past polls.

    Notices?