X2Go Bug report logs - #1520
Proxy-Server - SSH - strong Cipher crash x2Go-Client

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: <Marian.Schwarcz@dlr.de>

Date: Thu, 14 Jan 2021 07:50:02 UTC

Severity: normal

Found in version 4.1.2.2-2020.02.13

Full log


Message #10 received at 1520@bugs.x2go.org (full text, mbox, reply):

Received: (at 1520) by bugs.x2go.org; 19 Mar 2021 18:28:59 +0000
From adam.dorsey@noaa.gov  Fri Mar 19 19:28:54 2021
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=0.5 required=3.0 tests=BAYES_50,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FROM_GOV_DKIM_AU,HTML_MESSAGE,
	SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no
	version=3.4.2
Received: from mail-ot1-x332.google.com (mail-ot1-x332.google.com [IPv6:2607:f8b0:4864:20::332])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id D60A35DAEB
	for <1520@bugs.x2go.org>; Fri, 19 Mar 2021 19:28:51 +0100 (CET)
Received: by mail-ot1-x332.google.com with SMTP id f73-20020a9d03cf0000b02901b4d889bce0so9395842otf.12
        for <1520@bugs.x2go.org>; Fri, 19 Mar 2021 11:28:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=noaa.gov; s=google;
        h=mime-version:from:date:message-id:subject:to:cc;
        bh=jeL0iLpJowPtp1QlEADlGCcauCCGzEVPbUNUKKQbsLA=;
        b=EmOCn1j+/xLsLMUL/ebHQAHDPa9mHBWfSfe2oaQUEhWSZfq6uhTEguFGxHhrwQxNCw
         bo9aEIlOj59CgTGGdirLojkMCUsZ7BL6rEAtJuVgVIJIsgzIGSCVa3w3JEt3MGZFyCF1
         BdZ60pTNsVScn0lOGMPbQrn1Tq1agACXv3iYY6eM0ho14roTcScXFQLO/vmKnkDfJBQi
         6HCquZXcy0eeBLvOLo6O1HbdoiEyYf91TaYDZluAEKm9o6lZdeu9T48A51/xpBxChZk3
         xyt6+Pf5yXlXS90UCtCYBu3ytr9DoVp0p2yASXp7vUOQeSW5KgDq7wHKUDnoECLv7PzA
         Aslg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
        bh=jeL0iLpJowPtp1QlEADlGCcauCCGzEVPbUNUKKQbsLA=;
        b=sl4jL7kWfBYLHVbpNSa6EQnfHTQG8/oOT89pYZfXuTEHYxNEJepmNAXjdTrLkbJz6s
         eShKkeuDPoCCIm3SR1EINDhNZ4vgJ5TdbYfSuOdzrDkFqzFw8j7hvVs7ThEl54LKIbDS
         Adnn963CwEWFCi/XcX81QUbLBUlKC3ba6uA7dy1u3T7x6oHH/mRA/Er2tFwdyn9l1Meo
         n0S6qR8Nf25EtYtlPeMqY4xvzgpq6RjE/9tsysz8qQ2IaNVzvTm7l0IpFRc7KdhYs3n+
         SHw1zAdzSG1Buum5p1oMgyUH7qfWMAENPQk//d4qjNWTHPJz+jZHCuC1uznWSLiz6dBE
         Mz/Q==
X-Gm-Message-State: AOAM5319tn2o1wjRIfimhPu/7vawLT6E9FMZNVI/ZoN0o/ayhyOX+wLx
	4xeid3oCLg5NYVesPJ1qwaUsBHpcNX9Y5T8+wmoIdw6a8HI3ZQ==
X-Google-Smtp-Source: ABdhPJzwI8IROsSBDhhQt6sDCH4jg6UgNPX3UywptQJd19XdoOTfied45oyChoZDtZkcp32oSgSQwa5XiOfNhJJqI6w=
X-Received: by 2002:a05:6830:10d6:: with SMTP id z22mr2147919oto.190.1616178528860;
 Fri, 19 Mar 2021 11:28:48 -0700 (PDT)
MIME-Version: 1.0
From: Adam Dorsey - NOAA Affiliate <adam.dorsey@noaa.gov>
Date: Fri, 19 Mar 2021 14:28:38 -0400
Message-ID: <CACRHCWGNt3jOfBtyYXWapKg0DCkAJ26+9p3N7f4=wkP9S8w=eA@mail.gmail.com>
Subject: RE: Proxy-Server - SSH - strong Cipher crash x2Go-Client
To: 1520@bugs.x2go.org
Cc: Nathan Gregg - NOAA Affiliate <nathan.gregg@noaa.gov>, 
	Chance Taylor - NOAA Affiliate <chance.taylor@noaa.gov>
Content-Type: multipart/alternative; boundary="0000000000001b6c1105bde7e378"
[Message part 1 (text/plain, inline)]
I can confirm this issue in my own environment as well.  X2Go server
version is 4.1.0.3-9.el7 running on CentOS 7.  Affected users are running
X2Go client version 4.1.2.2 on Windows 10 (though this may affect other
Windows versions as well).

We forced the use of the aes128-ctr cipher yesterday on our cluster login
nodes to resolve a security issue raised by our security team.  To do this,
we added the following line to our SSH server config file:

Ciphers aes128-ctr

After making this change, several users running the X2Go client on Windows
10 could no longer connect.  We found this bug report, and subsequently
reverted the above change, which resolved the issue.

Please note that Linux clients appeared to be unaffected by this issue; I
was able to connect from a workstation running X2Go client version 4.1.2.2
on Ubuntu Linux 20.04 without any issues.

-- 
Adam Dorsey
NOAA RDHPCS Systems Administrator Site Lead
CSRA / RedLine Performance Solutions, LLC

NOAA NESCC
1000 Galliher Drive, Suite 333, Fairmont, WV 26554
office: (304) 367-2882
cell: (304) 685-9345
adam.dorsey@noaa.gov
[Message part 2 (text/html, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Sun Oct 24 21:27:42 2021; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.