Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSH.NET" Version=2020.0.0 #767

Closed
alona0610 opened this issue Jan 20, 2021 · 7 comments
Closed

SSH.NET" Version=2020.0.0 #767

alona0610 opened this issue Jan 20, 2021 · 7 comments
Milestone
2023.0.1

Comments

@alona0610
Copy link

Hi
I have a problem with SSH.Net 2020.0.0 When trying to SFTP file to Linux Server.
I am using .Net Core 3.1 under IIS.

The error that I am getting randomly is that the server is timing out.
Renci.SshNet.Common.SshOperationTimeoutException: Connection failed to establish within 30000 milliseconds.

Below is my code.
var connectionInfo = new RenciSftp.ConnectionInfo(this.FileServerHost,
this.FileServerUsername,
new RenciSftp.PasswordAuthenticationMethod(this.FileServerUsername, this.FileServerPassword));

        using (var client = new RenciSftp.SftpClient(connectionInfo))
        {
            try
            {
                client.Connect();
                client.ChangeDirectory(remoteDir);
                client.BufferSize = 4 * 1024; // bypass Payload error large files
                using (var fileStream = fileStorage.GetFileStream(session))
                {
                    client.UploadFile(fileStream, serverFilename);
                }
            }

            catch (Renci.SshNet.Common.SshConnectionException ex)
            {
                this.AddUploadError("ERROR","SshConnectionException", hostName + ";  " +  IP, ex.ToString());
            }
            catch (System.Net.Sockets.SocketException ex)
            {
                this.AddUploadError("ERROR", "SocketException", hostName + "; " + IP, ex.ToString());
            }

            catch (Renci.SshNet.Common.SshAuthenticationException ex)
            {
                this.AddUploadError("ERROR","SshAuthenticationException", hostName + ";  " + IP, ex.ToString());
            }
            catch (Exception ex)
            {
                this.AddUploadError("ERROR","General Error", hostName + ";  " + IP, ex.ToString());
            }

            client.Disconnect();
            client.Dispose();

}
@alona0610
Copy link
Author

Any info on that error?

@vvvarunv
Copy link

vvvarunv commented Feb 25, 2021
edited
Loading

With 2020.0.1 I am also seeing similar errors

connection time(ms) : 30013, exception : Renci.SshNet.Common.SshOperationTimeoutException: Session operation has timed out

I reverted to 2016.1.0 and things are fine now

This is when trying to SSH into a Cisco router.

@vvvarunv
Copy link

@drieseng : Any update on this?

@drieseng
Copy link
Member

Can any of you give me (private) access to a server/device that I can use to reproduce this issue?

@Sparin
Copy link

Sparin commented Jun 24, 2021

Hi everyone!

We (on my job) recently met this error on connecting to Cisco Catalyst 9300-48UN-A Switch (Cisco IOS XE 16.12.2s). In our case, we unexpectedly stuck at awaiting SSH_MSG_KEXINIT from the Cisco switch after a few successful connections. It's just awaiting 30 seconds for timeout and drop the connection then.

During a sniffing session, we've concluded switch awaits SSH_MSG_KEXINIT from us for no reason. We tried to move sending SSH_MSG_KEXINIT from the KeyExchange.cs file/procedure just before the awaiting SSH_MSG_KEXINIT from the server at Session.cs. Looking to RFC 4253 Section 7 and source code of SSH.NET, I didn't find any reason to awaits SSH_MSG_KEXINIT from the server. So it looks like a race condition deadlock.

Our step to reproduce a little bit the same

  1. Deploy any ASP.NET Core or .NET Core 3.1 server under IIS 10 deployment
  2. Invoke your SSH.NET code to Cisco at anyways for multiple times
  3. First attempts probably will be fine, but after some time you'll get a deadlock

Our code snippet which we are testing

public bool IsKeyValid(string userName, string privateKey)
{
    using var privateKeyStream = new MemoryStream(Encoding.ASCII.GetBytes(privateKey));
    using var sshClient = new SshClient(_address, _port ?? 22, userName, new PrivateKeyFile(privateKeyStream));
    sshClient.Connect();

    return sshClient.IsConnected;
}

Can any of you give me (private) access to a server/device that I can use to reproduce this issue?

@drieseng We don't have direct access to the switch and server with this problem, but maybe we can agree on a Zoom session with the owner. But probably they'll decline the request for NDA reasons

@Sparin Sparin mentioned this issue Jun 24, 2021
Closed
likeMyCoffee added a commit to likeMyCoffee/SSH.NET that referenced this issue Jun 29, 2021
@likeMyCoffee
Cisco connection issue fix
bd95e41 
Certain Cisco devices do not adhere to RFC4342 and do not reply if the client identifies first.
Since identifcation can be in random order it will give random connection issues because the SSH_MSG_KEXINIT will not be sent if the client is faster.

Since SSH.Net is not at fault and compatibility with Cisco (and possibly other) devices is something that can easily be supported I've written this modification.

Added LazyIdentification to the ConnectionInfo object to allow late identification in ProtocolVersionExchange.
Overloaded 'Start' function to keep the original functionality and tests intact.

Highly likely fixes issues sshnet#752, sshnet#778, sshnet#469 and might help with sshnet#798, sshnet#767, sshnet#807
likeMyCoffee added a commit to likeMyCoffee/SSH.NET that referenced this issue Jun 29, 2021
@likeMyCoffee
Cisco connection issue fix
60069be 
Certain Cisco devices do not adhere to RFC4342 and do not reply if the client identifies first.
Since identifcation can be in random order it will give random connection issues because the SSH_MSG_KEXINIT will not be sent if the client is faster.

Since SSH.Net is not at fault and compatibility with Cisco (and possibly other) devices is something that can easily be supported I've written this modification.

Added LazyIdentification to the ConnectionInfo object to allow late identification in ProtocolVersionExchange.
Overloaded 'Start' function to keep the original functionality and tests intact.

Highly likely fixes issues sshnet#752, sshnet#778, sshnet#469 and might help with sshnet#798, sshnet#767, sshnet#807
@likeMyCoffee likeMyCoffee mentioned this issue Jun 29, 2021
Closed
@geoffstewart geoffstewart mentioned this issue Jun 24, 2022
Closed
@WojciechNagorski
Copy link
Collaborator

It's done in #1274

@WojciechNagorski WojciechNagorski added this to the 2023.0.1 milestone Dec 21, 2023
@WojciechNagorski
Copy link
Collaborator

The 2023.0.1 version has been released to Nuget: https://www.nuget.org/packages/SSH.NET/2023.0.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2023.0.1
Development

No branches or pull requests
5 participants
@drieseng @Sparin @vvvarunv @WojciechNagorski @alona0610