Menu

#30 check_ssh generates syslog warning on ssh-2.2.0

open-fixed
Karl DeBisschop
check_ssh (5)
1
2000-09-20
2000-09-05
Anonymous
No

When a server running ssh-2.2.0 is probed by check_ssh it generates the following syslog output:

Local disconnected: Received packet with wrong granularity
Protocol error in local: 'Received packet with wrong granularity'

These seem to originate from lib/sshproto/trcommon.c.

check_ssh will correctly verify the state of the server, and return the
correct version number, however a lot of syslog output is generated in the
process.

Discussion

  • Karl DeBisschop

    Karl DeBisschop - 2000-09-06

    can you run 'check_ssh -V' so I can know exactly whihc version you are running -- we have done some work to try and resolve this, so I need to be sure what version I'm dealing with.

     

  • Nobody/Anonymous

    Nobody/Anonymous - 2000-09-09

    FreeBSD 3.5-stable
    OpeenSSH-1.2
    check_ssh (netsaint-plugins 1.2.9-a7) 1.14

    # telnet localhost 22
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    SSH-1.5-OpenSSH-1.2

    # ./check_ssh -V
    check_ssh (netsaint-plugins 1.2.9-a7) 1.14
    The netsaint plugins come with ABSOLUTELY NO WARRANTY. You may redistribute
    copies of the plugins under the terms of the GNU General Public License.
    For more information about these matters, see the file named COPYING.

    I receive log entries like the following:

    Sep 8 21:41:30 xenon sshd[55949]: fatal: Disconnecting: Bad packet length 0.

    I'm wondering if there is a certain "procedure" to connect to ssh that the plugin is not following in both cases?

    Jason K.

     

  • Nobody/Anonymous

    Nobody/Anonymous - 2000-09-13

    I'm running 1.14.

    Having done a bit more investigation, it looks like the problem is due to
    check_ssh sending more data than it needs to around line 242:

    send(s, buffer, BUFF_SZ, 0)

    I modified this section of the code to write the protocol version response
    into another buffer and send only strlen(other buffer) bytes. I also had
    to remove the 'revision' string from the response.

    Now sshd only complains about a connection being lost. No more
    protocol errors.

     

  • Karl DeBisschop

    Karl DeBisschop - 2000-09-20
    • priority: 5 --> 1
    • assigned_to: nobody --> kdebisschop
    • status: open --> open-fixed
     

  • Karl DeBisschop

    Karl DeBisschop - 2000-09-20

    I now write only the length of the sring. I get entries in my syslog that no ident string was sent, the reported error is gone. I'm looking through the SSH protocal to find if there is some sort of NOOP I can send to suppress this, but I have not found one yet.

     

  • Lord Batlin

    Lord Batlin - 2000-10-30

    Well, I'm not jason, but I'm having the same problem. Here's what I get for ssh -V

    bash-2.03$ ./check_ssh -V
    -V: Unknown host
    bash-2.03$ ./check_ssh
    Incorrect number of arguments supplied

    check_ssh plugin for netsaint (revision 1.4, package release 1.2.8pre1)
    SSH plugin for NetSaint
    Copyright (c) 1999 Remi Paulmier (remi@sinfomic.fr)
    Last Modified: 07-22-1999
    License: GPL

    Usage: ./check_ssh <dst_addr> [port]

    by default, port is 22

    ---------------------------
    I have yet to see if I get the same with v1.14. Will find out within the week.

     

  • Lord Batlin

    Lord Batlin - 2000-10-30

    apologies, I failed to notice that the followups are listed from newest to oldest. -Batlin

     

Log in to post a comment.