From unknown Thu Apr 16 01:24:52 2026 X-Loop: owner@bugs.x2go.org Subject: Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client Reply-To: Adam Dorsey - NOAA Affiliate , 1520@bugs.x2go.org Resent-From: Adam Dorsey - NOAA Affiliate Resent-To: x2go-dev@lists.x2go.org Resent-CC: X2Go Developers X-Loop: owner@bugs.x2go.org Resent-Date: Fri, 19 Mar 2021 18:30:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: followup 1520 X-X2Go-PR-Package: x2goclient X-X2Go-PR-Keywords: References: Received: via spool by 1520-submit@bugs.x2go.org id=B1520.161617853930510 (code B ref 1520); Fri, 19 Mar 2021 18:30:02 +0000 Received: (at 1520) by bugs.x2go.org; 19 Mar 2021 18:28:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.5 required=3.0 tests=BAYES_50,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FROM_GOV_DKIM_AU,HTML_MESSAGE, SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-ot1-x332.google.com (mail-ot1-x332.google.com [IPv6:2607:f8b0:4864:20::332]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id D60A35DAEB for <1520@bugs.x2go.org>; Fri, 19 Mar 2021 19:28:51 +0100 (CET) Received: by mail-ot1-x332.google.com with SMTP id f73-20020a9d03cf0000b02901b4d889bce0so9395842otf.12 for <1520@bugs.x2go.org>; Fri, 19 Mar 2021 11:28:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=noaa.gov; s=google; h=mime-version:from:date:message-id:subject:to:cc; bh=jeL0iLpJowPtp1QlEADlGCcauCCGzEVPbUNUKKQbsLA=; b=EmOCn1j+/xLsLMUL/ebHQAHDPa9mHBWfSfe2oaQUEhWSZfq6uhTEguFGxHhrwQxNCw bo9aEIlOj59CgTGGdirLojkMCUsZ7BL6rEAtJuVgVIJIsgzIGSCVa3w3JEt3MGZFyCF1 BdZ60pTNsVScn0lOGMPbQrn1Tq1agACXv3iYY6eM0ho14roTcScXFQLO/vmKnkDfJBQi 6HCquZXcy0eeBLvOLo6O1HbdoiEyYf91TaYDZluAEKm9o6lZdeu9T48A51/xpBxChZk3 xyt6+Pf5yXlXS90UCtCYBu3ytr9DoVp0p2yASXp7vUOQeSW5KgDq7wHKUDnoECLv7PzA Aslg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=jeL0iLpJowPtp1QlEADlGCcauCCGzEVPbUNUKKQbsLA=; b=sl4jL7kWfBYLHVbpNSa6EQnfHTQG8/oOT89pYZfXuTEHYxNEJepmNAXjdTrLkbJz6s eShKkeuDPoCCIm3SR1EINDhNZ4vgJ5TdbYfSuOdzrDkFqzFw8j7hvVs7ThEl54LKIbDS Adnn963CwEWFCi/XcX81QUbLBUlKC3ba6uA7dy1u3T7x6oHH/mRA/Er2tFwdyn9l1Meo n0S6qR8Nf25EtYtlPeMqY4xvzgpq6RjE/9tsysz8qQ2IaNVzvTm7l0IpFRc7KdhYs3n+ SHw1zAdzSG1Buum5p1oMgyUH7qfWMAENPQk//d4qjNWTHPJz+jZHCuC1uznWSLiz6dBE Mz/Q== X-Gm-Message-State: AOAM5319tn2o1wjRIfimhPu/7vawLT6E9FMZNVI/ZoN0o/ayhyOX+wLx 4xeid3oCLg5NYVesPJ1qwaUsBHpcNX9Y5T8+wmoIdw6a8HI3ZQ== X-Google-Smtp-Source: ABdhPJzwI8IROsSBDhhQt6sDCH4jg6UgNPX3UywptQJd19XdoOTfied45oyChoZDtZkcp32oSgSQwa5XiOfNhJJqI6w= X-Received: by 2002:a05:6830:10d6:: with SMTP id z22mr2147919oto.190.1616178528860; Fri, 19 Mar 2021 11:28:48 -0700 (PDT) MIME-Version: 1.0 From: Adam Dorsey - NOAA Affiliate Date: Fri, 19 Mar 2021 14:28:38 -0400 Message-ID: To: 1520@bugs.x2go.org Cc: Nathan Gregg - NOAA Affiliate , Chance Taylor - NOAA Affiliate Content-Type: multipart/alternative; boundary="0000000000001b6c1105bde7e378" --0000000000001b6c1105bde7e378 Content-Type: text/plain; charset="UTF-8" I can confirm this issue in my own environment as well. X2Go server version is 4.1.0.3-9.el7 running on CentOS 7. Affected users are running X2Go client version 4.1.2.2 on Windows 10 (though this may affect other Windows versions as well). We forced the use of the aes128-ctr cipher yesterday on our cluster login nodes to resolve a security issue raised by our security team. To do this, we added the following line to our SSH server config file: Ciphers aes128-ctr After making this change, several users running the X2Go client on Windows 10 could no longer connect. We found this bug report, and subsequently reverted the above change, which resolved the issue. Please note that Linux clients appeared to be unaffected by this issue; I was able to connect from a workstation running X2Go client version 4.1.2.2 on Ubuntu Linux 20.04 without any issues. -- Adam Dorsey NOAA RDHPCS Systems Administrator Site Lead CSRA / RedLine Performance Solutions, LLC NOAA NESCC 1000 Galliher Drive, Suite 333, Fairmont, WV 26554 office: (304) 367-2882 cell: (304) 685-9345 adam.dorsey@noaa.gov --0000000000001b6c1105bde7e378 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I can confirm this issue in my own environment as well.=C2= =A0 X2Go server version is 4.1.0.3-9.el7 running on CentOS 7.=C2=A0 Affecte= d users are running X2Go client version 4.1.2.2 on Windows 10 (though this = may affect other Windows versions as well).

We forced the use o= f the aes128-ctr cipher yesterday on our cluster login nodes to resolve a s= ecurity issue raised by our security team.=C2=A0 To do this, we added the f= ollowing line to our SSH server config file:

Ciphers aes128-ctr
After making this change, several users running the X2Go client= on Windows 10 could no longer connect.=C2=A0 We found this bug report, and= subsequently reverted the above change, which resolved the issue.

Please note that Linux clients appeared to be unaffected b= y this issue; I was able to connect from a workstation running X2Go client = version 4.1.2.2 on Ubuntu Linux 20.04 without any issues.
--
Adam Dorsey
NOAA RDHPCS Sy= stems Administrator Site Lead
CSRA / RedLine Performance Solutions, LLC<= br>
NOAA NESCC
1000 Galliher Drive, Suite 333, Fairmont, WV 26554
= office: (304) 367-2882
cell: (304) 685-9345
adam.dorsey@noaa.gov
--0000000000001b6c1105bde7e378--