[Ssh-sftp-perl-users] Trouble with SSH to Cisco routers, after SSH to a juniper router..
Brought to you by:
dbrobins
Menu
▾
▴
[Ssh-sftp-perl-users] Trouble with SSH to Cisco routers, after SSH to a juniper router..
|
From: Steffen S. <st...@sc...> - 2004-11-17 16:07:30
|
Hi!
I haven't really seen any mails on this list, so it might be dead, but here
goes anyways:
I work for an ISP, with both Juniper and Cisco routers..
We've already migrated to ssh vs. telnet on the Junipers, and are currently looking into dooing
the same with Cisco..
Only problem is that I'm seeing some very strange behaviour in some cases..
We've built a script, which does an MPLS traceroute in our net, by logging into each
box on the path to a destination, and sometimes we have a juniper M10(i) before a Cisco,
which crashes ssh when using perl..
When the trace doesn't encounter any junipers, it all works neatly..
I've added some debug printouts, but I still don't get it:
login1.nms.tele.dk: Reading configuration data /home/ssch/.ssh/config
login1.nms.tele.dk: Reading configuration data /etc/ssh_config
login1.nms.tele.dk: Connecting to 80.63.81.17, port 22.
login1.nms.tele.dk: Remote protocol version 1.5, remote software version Cisco-1.25
login1.nms.tele.dk: Net::SSH::Perl Version 1.23-JUNOS, protocol version 1.5.
login1.nms.tele.dk: No compat match: Cisco-1.25.
login1.nms.tele.dk: Connection established.
login1.nms.tele.dk: Waiting for server public key.
login1.nms.tele.dk: Received server public key (768 bits) and host key (1024 bits).
login1.nms.tele.dk: Host '80.63.81.17' is known and matches the host key.
login1.nms.tele.dk: Encryption type: DES3
login1.nms.tele.dk: Sent encrypted session key.
Encrypting the text: '$in' which is length($in) = 8 bytes long
[69][104][206][111][168][126][233][50]
login1.nms.tele.dk: Received encryption confirmation.
Encrypting the text: '$in' which is length($in) = 8 bytes long
[110][53][35][3][4][0][0][0]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[131][210][185][70][6][44][134][232]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[18][240][79][3][76][95][40][16]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[62][105][126][18][67][15][242][109]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[90][141][66][105][177][29][203][139]
login1.nms.tele.dk: Trying password authentication.
Encrypting the text: '$in' which is length($in) = 8 bytes long
[252][153][78][247][207][41][255][240]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[41][55][83][78][98][88][168][179]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[79][82][217][40][0][135][189][139]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[159][78][80][188][122][50][147][236]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[249][202][18][240][27][164][228][27]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[218][120][251][241][77][68][121][110]
Encrypting the text: '$in' which is length($in) = 8 bytes long
[255][34][146][226][53][113][57][11]
login1.nms.tele.dk: Sending command with SSH1: show tag-switching forwarding-table tags 563 detail
login1.nms.tele.dk: Started packet
login1.nms.tele.dk: Filled in cmd..
Encrypting the text: '$in' which is length($in) = 8 bytes long
[86][148][221][195][250][99][64][157]
80.63.81.17: input must be 8 bytes long at /usr/local/lib/perl5/site_perl/5.8.5/mach/Crypt/DES.pm line 57.
I realize that the version of Net::SSH::Perl is a special modded version by Juniper, but it also does
this with the regular one.. And also, it works when juniper routers is avoided..
Now, apart from enabling debug, i've added these printouts to CBC.pm (v.1,5):
sub encrypt {
my $cbc = shift;
my $data = shift;
my $retval = "";
my $iv = $cbc->{iv};
my $size = $cbc->{cipher}->blocksize;
while (length $data) {
my $in = substr($data, 0, $size, '') ^ $iv;
> print "Encrypting the text: '\$in' which is length(\$in) = ".length($in)." bytes long\n";
> for(my $o=0; $o<length($in);$o++) { print "[".(ord(substr($in,$o,$o+1)))."]"; }
> print "\n";
$iv = $cbc->{cipher}->encrypt($in);
$retval .= $iv;
}
$cbc->{iv} = $iv;
$retval;
}
Which is shown above..
Now! It complains that it didn't get input which we're 8 bytes long?
Look at the debug trace and the printouts.. EVERYTHING is 8 bytes long!!
what is the problem here??
Any help is much appreciated!!
/Steffen
|
