When a server running ssh-2.2.0 is probed by check_ssh it generates the following syslog output:
Local disconnected: Received packet with wrong granularity
Protocol error in local: 'Received packet with wrong granularity'
These seem to originate from lib/sshproto/trcommon.c.
check_ssh will correctly verify the state of the server, and return the
correct version number, however a lot of syslog output is generated in the
process.
can you run 'check_ssh -V' so I can know exactly whihc version you are running -- we have done some work to try and resolve this, so I need to be sure what version I'm dealing with.
FreeBSD 3.5-stable
OpeenSSH-1.2
check_ssh (netsaint-plugins 1.2.9-a7) 1.14
# telnet localhost 22
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-1.5-OpenSSH-1.2
# ./check_ssh -V
check_ssh (netsaint-plugins 1.2.9-a7) 1.14
The netsaint plugins come with ABSOLUTELY NO WARRANTY. You may redistribute
copies of the plugins under the terms of the GNU General Public License.
For more information about these matters, see the file named COPYING.
I receive log entries like the following:
Sep 8 21:41:30 xenon sshd[55949]: fatal: Disconnecting: Bad packet length 0.
I'm wondering if there is a certain "procedure" to connect to ssh that the plugin is not following in both cases?
Jason K.
I'm running 1.14.
Having done a bit more investigation, it looks like the problem is due to
check_ssh sending more data than it needs to around line 242:
send(s, buffer, BUFF_SZ, 0)
I modified this section of the code to write the protocol version response
into another buffer and send only strlen(other buffer) bytes. I also had
to remove the 'revision' string from the response.
Now sshd only complains about a connection being lost. No more
protocol errors.
I now write only the length of the sring. I get entries in my syslog that no ident string was sent, the reported error is gone. I'm looking through the SSH protocal to find if there is some sort of NOOP I can send to suppress this, but I have not found one yet.
Well, I'm not jason, but I'm having the same problem. Here's what I get for ssh -V
bash-2.03$ ./check_ssh -V
-V: Unknown host
bash-2.03$ ./check_ssh
Incorrect number of arguments supplied
check_ssh plugin for netsaint (revision 1.4, package release 1.2.8pre1)
SSH plugin for NetSaint
Copyright (c) 1999 Remi Paulmier (remi@sinfomic.fr)
Last Modified: 07-22-1999
License: GPL
Usage: ./check_ssh <dst_addr> [port]
by default, port is 22
---------------------------
I have yet to see if I get the same with v1.14. Will find out within the week.
apologies, I failed to notice that the followups are listed from newest to oldest. -Batlin