开发者

How should I write my ssh proxy command?

I'm trying to write a utility compatible with the -oProxyCommand of openssh. I wrote a utility that is a transparent socket to an ssh connection (or anything). Though it's taken some debugging I'm fairly confident it is indeed working correctly (manual IO tests, large binary file transfers all work).

OpenSSH will not work with it. I'm not sure why. Do I have to guarantee delivery of certain chunk sizes or something like that?

Here is an example trial run with debug output:

cletus:Desktop jdizzle$ ssh -v -oProxyCommand='python ./tunnel_client.py 127.0.0.1 22 2>/dev/null' 127.0.0.1
OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009
debug1: Reading configuration data /path/jdizzle/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: auto-mux: Trying existing master
debug1: Executing proxy command: exec python ./tunnel_client.py 127.0.0.1 22 2>/dev/null
debug1: identity file /path/jdizzle/.ssh/identity type -1
debug1: identity file /path/jdizzle/.ssh/id_rsa type -1
debug1: identity file /path/jdizzle/.ssh/id_dsa type -1
debug1: permanently_drop_suid: 501
debug1: Remote protocol version 2.0, remote software version O开发者_如何学CpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Received disconnect from UNKNOWN: 2: Bad packet length 1546673200.

The fact that it's decrypting a block in a strange way leads to to believe that my pipe isn't working correctly, but I've run it through all sorts of trials and it doesn't miss a beat. What am I missing?


Turns out I'm another victim of PHP magic quotes. Null bytes in my stream were being converted to '\0' behind my back! Apparently none of my tests contained a null byte.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜