Can't connect (SCP, SSH) in Xamarin Android #807
Comments
|
Did you solve this yet? What version of mono are you using? |
|
Not solved. I don't know what version of Mono I'm using. I believe it was roughly the latest Xamarin. |
|
When you get a chance, if you could check the mono version that'd be great.... I'm exploring possibly the same issue with a different product that uses the SSH.NET library. Wondering if the mono version is the culprit. |
|
I don't explicitly have mono installed -- that's not needed for Xamarin work. The Mono.Android assembly that VS is using for the Xamarin Android project is in a folder named |
|
Ok, on the other project I'm working on we discovered that mono doesn't support ECDSA keys. SSH.NET library will throw the NotImplemented exception when it's running via mono. (It works fine when using native .NET on Windows though.) So you might be able to "solve" your problem by not using an ECDSA key... |
|
What you say about the keys may be right, but I think my issue is happening way before a connection. It's related to |
It seems Session.WaitOnHandle is in https://github.com/sshnet/SSH.NET/blob/develop/src/Renci.SshNet/Session.cs It might be waiting at the below for the receive thread to either receive, or find an exception, and it got exception: SSH.NET/src/Renci.SshNet/Session.cs Line 852 in f072c5f
The stack trace names suggest that it's working on connect, but it likely died before SSH connection was finished. Server: Elliptic Curve Diffie-Hellman Key Exchange Reply, New Keys Processing of that server SSH.NET/src/Renci.SshNet/Session.cs Lines 1298 to 1302 in f072c5f and at some point the key from the server might hit here: SSH.NET/src/Renci.SshNet/Security/Cryptography/EcdsaKey.cs Lines 238 to 242 in a5bd08d ECDsa Class and ECDsaCng Class get involved, and so maybe it hits the NotImplementedException around here. NotImplementedException has been in ECDsaCng.cs a long time, maybe added here, then later exposed through Any SSH.NET developer comments? Could these very welcome new capabilities be exposing an old gap in mono? |
|
I'm noticing the 2017 mono change did a similar NotImplementedException to RsaCng.cs just below ECDsaCng.cs |
I was able to reproduce with an OpenSSH server by using an ECDSA key. |
|
Hi friend, |
|
My solution was in Xamarin, to create a binding to the JSCH java library and use that in my xamarin android proj. |
|
A workaround is try new ECDsaCng() to see if it's implemented. If exception occurs, go through HostKeyAlgorithms.Keys, and HostKeyAlgorithms.Remove(key) the ones beginning with ecdsa (inspired by Limit what algorithms or ciphers are used #730). |
Certain Cisco devices do not adhere to RFC4342 and do not reply if the client identifies first. Since identifcation can be in random order it will give random connection issues because the SSH_MSG_KEXINIT will not be sent if the client is faster. Since SSH.Net is not at fault and compatibility with Cisco (and possibly other) devices is something that can easily be supported I've written this modification. Added LazyIdentification to the ConnectionInfo object to allow late identification in ProtocolVersionExchange. Overloaded 'Start' function to keep the original functionality and tests intact. Highly likely fixes issues sshnet#752, sshnet#778, sshnet#469 and might help with sshnet#798, sshnet#767, sshnet#807
Certain Cisco devices do not adhere to RFC4342 and do not reply if the client identifies first. Since identifcation can be in random order it will give random connection issues because the SSH_MSG_KEXINIT will not be sent if the client is faster. Since SSH.Net is not at fault and compatibility with Cisco (and possibly other) devices is something that can easily be supported I've written this modification. Added LazyIdentification to the ConnectionInfo object to allow late identification in ProtocolVersionExchange. Overloaded 'Start' function to keep the original functionality and tests intact. Highly likely fixes issues sshnet#752, sshnet#778, sshnet#469 and might help with sshnet#798, sshnet#767, sshnet#807
|
ECDSA is simply not implemented on Mono. The only real fix would be to use a different implementation, such as the one provided by Bouncy Castle. You can work around the issue by removing the ECDSA algorithms from try { using (var ecdsa = new System.Security.Cryptography.ECDsaCng()) ; }
catch (NotImplementedException)
{
var algsToRemove = connectionInfo.HostKeyAlgorithms.Keys.Where(algName => algName.StartsWith("ecdsa")).ToArray();
foreach (var algName in algsToRemove) connectionInfo.HostKeyAlgorithms.Remove(algName);
}If you get |
|
Should be fixed by #1461 |
Calling
Connect()with an SSH or SCP client (and likely others) causes this exception. Does this library not work in Xamarin Android?I don't see where in this library ti's throwing
NotImplementedException, so I'm guessing something missing in Mono / .NET Standard?The text was updated successfully, but these errors were encountered: