X2Go Bug report logs - #1520
Proxy-Server - SSH - strong Cipher crash x2Go-Client

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: <Marian.Schwarcz@dlr.de>

Date: Thu, 14 Jan 2021 07:50:02 UTC

Severity: normal

Found in version 4.1.2.2-2020.02.13

Full log


Message #15 received at 1520@bugs.x2go.org (full text, mbox, reply):

Received: (at 1520) by bugs.x2go.org; 17 Aug 2021 15:41:51 +0000
From adam.dorsey@noaa.gov  Tue Aug 17 17:41:45 2021
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=BAYES_40,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FROM_GOV_DKIM_AU,HTML_MESSAGE,
	SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham autolearn_force=no
	version=3.4.2
Received: from mail-qk1-x72a.google.com (mail-qk1-x72a.google.com [IPv6:2607:f8b0:4864:20::72a])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 725ED5DAF8
	for <1520@bugs.x2go.org>; Tue, 17 Aug 2021 17:41:44 +0200 (CEST)
Received: by mail-qk1-x72a.google.com with SMTP id y144so10480079qkb.6
        for <1520@bugs.x2go.org>; Tue, 17 Aug 2021 08:41:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=noaa.gov; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=pKSZlV1g4kjIT2Vf44w5MIrA7ob2zOR8gpIuC1u8tHg=;
        b=UD4gqykqzUZemPDUs79tlykCsZ1DNsqsG7SYBqiMAok8c/OSjCu0K2PVaQG4xtCwsY
         a6Aj1Ynb8Qgw86SagkKdR2nmTRcC+Kiz32k7UtzqjcPewQSIiwlOfCdOr9uPMa74FFOm
         iKWlCxC3S0sNaU6F27pu96ZH+ZZCqvjJkMvC6v3JxpgZZI7J/uKH01GSJ4ukmbj9vpIl
         1v0hkdtAj6wl9lP3+jW8BBUUsDEs9IhmLQf15VhkTL1nxzObx/4jr3qcs2/fkx7RIi+l
         GUqRCdxwQ33I3MnrJRMXTBzOrhzs/inHcM4Ig43czAHg071SO81oLD6FNYu1NRAwdGnU
         1D+w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=pKSZlV1g4kjIT2Vf44w5MIrA7ob2zOR8gpIuC1u8tHg=;
        b=fI3hUh7kUnOzWLE5/I+RkX0XjX+7Qrpmt6JzMDrTArVkE8vCanDdsRFlENPZBvgpGC
         4jFQm5eespwfGaA9WEy4A2wRtOGCqi+TrrUor2fHcbP78qJIQ+4Idx6LS4qCGok3cgZ7
         lCEDeyAulCtsYxJZHl25TJasWuaGYZa0LkwFMfFPzEjPDDq5EG7g/tvAhmS8co35+ddY
         RomA0zH4ev26sI8iLRwfM83XgXxZH89kQ8h5arpvl9AlSEvJ5Js/osC6A4EdnQvdj0uV
         eYsXnYGKGIJBqGfcKgv5nmGp4CajqJzNu63fmskTvEexis2SGFrKCqyhRWr661Dn60xb
         sLJw==
X-Gm-Message-State: AOAM532hqBzNUcDmQnWq274O7j4dB3bfgk2hN1V7pRJO6INYKtAFOoI0
	SSjMRPCLM/DRGhxeD9TayA/hjuwuLpxpOZfimxr7AVRCdpwjgQ==
X-Google-Smtp-Source: ABdhPJxVmA/mVcsmoUNaFcWjzMlilr7xcGFscwtjIJA0uRTZWJQ9aI+BzE64xl5/79psyvzm0GRYHNWuAw2mHKOpf1s=
X-Received: by 2002:a05:620a:c8d:: with SMTP id q13mr370923qki.233.1629214902352;
 Tue, 17 Aug 2021 08:41:42 -0700 (PDT)
MIME-Version: 1.0
References: <CACRHCWGNt3jOfBtyYXWapKg0DCkAJ26+9p3N7f4=wkP9S8w=eA@mail.gmail.com>
In-Reply-To: <CACRHCWGNt3jOfBtyYXWapKg0DCkAJ26+9p3N7f4=wkP9S8w=eA@mail.gmail.com>
From: Adam Dorsey - NOAA Affiliate <adam.dorsey@noaa.gov>
Date: Tue, 17 Aug 2021 11:41:30 -0400
Message-ID: <CACRHCWGhyVBm+-g2+AdnQCpoGK1=rfMJSVcXhJgAG81R52Rftw@mail.gmail.com>
Subject: Re: Proxy-Server - SSH - strong Cipher crash x2Go-Client
To: 1520@bugs.x2go.org
Cc: Nathan Gregg - NOAA Affiliate <nathan.gregg@noaa.gov>, 
	Chance Taylor - NOAA Affiliate <chance.taylor@noaa.gov>
Content-Type: multipart/alternative; boundary="00000000000084a98a05c9c3279c"
[Message part 1 (text/plain, inline)]
A quick update for this bug:

Today I tested the same scenario (Cipher aes128-ctr) on our test cluster
using the latest Windows snapshot client, version
4.1.2.3-2021.07.13-df4a8ec.  The issue as described in this bug report is
still present.

Thanks,
Adam

On Fri, Mar 19, 2021 at 2:28 PM Adam Dorsey - NOAA Affiliate <
adam.dorsey@noaa.gov> wrote:

> I can confirm this issue in my own environment as well.  X2Go server
> version is 4.1.0.3-9.el7 running on CentOS 7.  Affected users are running
> X2Go client version 4.1.2.2 on Windows 10 (though this may affect other
> Windows versions as well).
>
> We forced the use of the aes128-ctr cipher yesterday on our cluster login
> nodes to resolve a security issue raised by our security team.  To do this,
> we added the following line to our SSH server config file:
>
> Ciphers aes128-ctr
>
> After making this change, several users running the X2Go client on Windows
> 10 could no longer connect.  We found this bug report, and subsequently
> reverted the above change, which resolved the issue.
>
> Please note that Linux clients appeared to be unaffected by this issue; I
> was able to connect from a workstation running X2Go client version 4.1.2.2
> on Ubuntu Linux 20.04 without any issues.
>
> --
> Adam Dorsey
> NOAA RDHPCS Systems Administrator Site Lead
> CSRA / RedLine Performance Solutions, LLC
>
> NOAA NESCC
> 1000 Galliher Drive, Suite 333, Fairmont, WV 26554
> office: (304) 367-2882
> cell: (304) 685-9345
> adam.dorsey@noaa.gov
>


-- 
Adam Dorsey
NOAA RDHPCS Systems Administrator Site Lead
CSRA / RedLine Performance Solutions, LLC

NOAA NESCC
1000 Galliher Drive, Suite 333, Fairmont, WV 26554
office: (304) 367-2882
cell: (304) 685-9345
adam.dorsey@noaa.gov
[Message part 2 (text/html, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Fri Mar 29 05:49:28 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.