X2Go Bug report logs - #1520
Proxy-Server - SSH - strong Cipher crash x2Go-Client

version graph

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: <Marian.Schwarcz@dlr.de>

Date: Thu, 14 Jan 2021 07:50:02 UTC

Severity: normal

Found in version 4.1.2.2-2020.02.13

Full log


🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#1520: [X2Go-Dev] Bug#1520: Proxy-Server - SSH - strong Cipher crash x2Go-Client
Reply-To: Adam Dorsey - NOAA Affiliate <adam.dorsey@noaa.gov>, 1520@bugs.x2go.org
Resent-From: Adam Dorsey - NOAA Affiliate <adam.dorsey@noaa.gov>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: X2Go Developers <x2go-dev@lists.x2go.org>
X-Loop: owner@bugs.x2go.org
Resent-Date: Mon, 20 Sep 2021 19:15:01 +0000
Resent-Message-ID: <handler.1520.B1520.16321652673922@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: followup 1520
X-X2Go-PR-Package: x2goclient
X-X2Go-PR-Keywords: 
References: <d2a6c484573844229e9e87c588ec8ba0@dlr.de> <CACRHCWGNt3jOfBtyYXWapKg0DCkAJ26+9p3N7f4=wkP9S8w=eA@mail.gmail.com> <CACRHCWGhyVBm+-g2+AdnQCpoGK1=rfMJSVcXhJgAG81R52Rftw@mail.gmail.com> <d2a6c484573844229e9e87c588ec8ba0@dlr.de>
Received: via spool by 1520-submit@bugs.x2go.org id=B1520.16321652673922
          (code B ref 1520); Mon, 20 Sep 2021 19:15:01 +0000
Received: (at 1520) by bugs.x2go.org; 20 Sep 2021 19:14:27 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-3.5 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FROM_GOV_DKIM_AU,HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.2
Received: from mail-qk1-x733.google.com (mail-qk1-x733.google.com [IPv6:2607:f8b0:4864:20::733])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 63E815DB0A
	for <1520@bugs.x2go.org>; Mon, 20 Sep 2021 21:14:18 +0200 (CEST)
Received: by mail-qk1-x733.google.com with SMTP id 73so41405283qki.4
        for <1520@bugs.x2go.org>; Mon, 20 Sep 2021 12:14:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=noaa.gov; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=LHCoHKmaayHKvhpt6nvLdsoKSBVxAia4UIeL2LBuVSY=;
        b=XV8SbSQmqr0l46CaABzss0JL80upbNWoSpDOPk22xr5fQFmbF9Y4v/f7Pk0/215eum
         VObmmhRlChH2wBfCQwB8UVsGLMb7RBu+BRpAIZHO+gjpEsEFF3+9vTpG6XKxkYS+eM0p
         NHsYHmgjK/mKttEJnvQMaelZE0qE91gaa1IESUMleeGvbUt+ilTl2Yranbfcm63UVRpo
         uSJidzi/ck38lSIWZO64Gn65chl+f2ADVWsyCq70+d2spRBEuzd6e1/S8C8sQ1fO4R2R
         VPjaLqai2jaz6BEjIt1cuKZOmaQFWA1Aqohd9W0yBpqwO4YAmyISs6Y3/BEHxJJSNIAM
         18OQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=LHCoHKmaayHKvhpt6nvLdsoKSBVxAia4UIeL2LBuVSY=;
        b=Z50DDS0vLxo6Ksl83rKXiTIWr+vZ8mYEPX4z7dU8JxX6VcGyCMWYB/gtparZsDY8gK
         ipy7by8NkY7Yd4mGNF9C/6WphDcPLqmn8+7OBJ7s4SEx8ECoRG6b6f+d1hPJoPWeIEF6
         4UHZ2a0CXODuu/0wN5Dh5goXcwT0ETeaqqIvJkRk3qIn6H9MjqyyZDmWqBCvjuG3BTDg
         xRLOtTzBAfVHocdzXmn+R4G+C/w1cGeReOFJfYY8pO1xJwQeeIjp2lut2zs8V68qYjL4
         0cwZa5nkalbhQizZ+he8MR4t1mLZZN2Ks3Do/baMgtmk2fzwEEpKz4KdfWFhHZsc3cNK
         9w+A==
X-Gm-Message-State: AOAM5309QD4iJmDIOo548yq125bSnVnvpZohR+uugoSCBdNUyNCYBLfw
	zBCMrVeLy9GCcmRcXy9XZn9dyi8+vF604eLBzTqlSQkkVf+kwA==
X-Google-Smtp-Source: ABdhPJzkBZ/Pto3H0Py8M69yin4bL6j5ZNb4T6w7zaKlnlc3oXSsCMC0fsKPsKoCxxS4hadHSYspe/OJRrAhtONjHLk=
X-Received: by 2002:a37:8a05:: with SMTP id m5mr26299644qkd.44.1632165256184;
 Mon, 20 Sep 2021 12:14:16 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <CACRHCWGhyVBm+-g2+AdnQCpoGK1=rfMJSVcXhJgAG81R52Rftw@mail.gmail.com>
From: Adam Dorsey - NOAA Affiliate <adam.dorsey@noaa.gov>
Date: Mon, 20 Sep 2021 15:14:05 -0400
Message-ID: <CACRHCWEg+XefksALmp_BeT2jL_DZYZEfhaPq79L03pnby7-Lkg@mail.gmail.com>
To: 1520@bugs.x2go.org
Cc: Chance Taylor - NOAA Affiliate <chance.taylor@noaa.gov>, 
	Nathan Gregg - NOAA Affiliate <nathan.gregg@noaa.gov>
Content-Type: multipart/alternative; boundary="0000000000004f83db05cc721686"
[Message part 1 (text/plain, inline)]
I used the process described in bug 1557 today to attempt to capture debug
information.  I didn't get anything useful, and no clues as to why the X2Go
client is crashing with strong ciphers.

x2go-INFO-1> "Starting X2Go Client 4.1.2.3..."
x2go-WARNING-1> English language requested, not loading translator.
x2go-WARNING-1> English language requested, not loading translator.
x2go-DEBUG-../src/onmainwindow.cpp:10902> Getting X.Org Server settings.
x2go-INFO-3> "Started X2Go Client."
x2go-DEBUG-../src/onmainwindow.cpp:626> "$HOME=C:/Users/Adam"
x2go-DEBUG-../src/onmainwindow.cpp:2359> Reading 1 sessions from config
file.
x2go-DEBUG-../src/onmainwindow.cpp:13415> libssh not initialized yet.
Initializing.
x2go-DEBUG-../src/pulsemanager.cpp:369> pulseaudio --version
returned:"pulseaudio 13.0

"

x2go-DEBUG-../src/onmainwindow.cpp:10805> Starting helper servers for
Windows ...
x2go-DEBUG-../src/onmainwindow.cpp:10972>
"/cygdrive/C/Users/Adam/.x2go/var" cygwin var path
x2go-DEBUG-../src/onmainwindow.cpp:11060>
"C:/Users/Adam/.x2go/etc/sshd_config created."
x2go-DEBUG-../src/onmainwindow.cpp:10467> Resolved localhost.
x2go-DEBUG-../src/onmainwindow.cpp:2853> Creating QPixmap with session
icon: '":/img/icons/128x128/x2gosession.png"'.
x2go-DEBUG-../src/pulsemanager.cpp:227> pulse started with arguments
("--exit-idle-time=-1", "-n", "-F",
"C:\Users\Adam\.x2go\pulse\config.pa", "-p", "C:\Program Files
(x86)\x2goclient\pulse\lib\pulse-13.0\modules",
"--log-level=debug", "--verbose",
"--log-target=file:C:\Users\Adam\.x2go\pulse\pulse.log") - waiting for it
to
finish...
x2go-DEBUG-../src/onmainwindow.cpp:10489> Port is free: 7022
x2go-DEBUG-../src/onmainwindow.cpp:11411> Logging cygwin sshd to:
"C:/Users/Adam/.x2go/sshLogs/p12616.log"
x2go-DEBUG-../src/onmainwindow.cpp:11425> Creating desktop: x2go_Adam
x2go-DEBUG-../src/onmainwindow.cpp:10467> Resolved localhost.
x2go-DEBUG-../src/onmainwindow.cpp:10495> Port already in use: 7022
x2go-DEBUG-../src/onmainwindow.cpp:10467> Resolved localhost.
x2go-DEBUG-../src/onmainwindow.cpp:10495> Port already in use: 7022
x2go-DEBUG-../src/onmainwindow.cpp:11522> User mode OpenSSH server started
successfully.
x2go-INFO-8> "Starting connection to server: localhost:49199"
x2go-DEBUG-../src/onmainwindow.cpp:2954> Starting new ssh connection to
server:"localhost":"49199" krbLogin: false
x2go-DEBUG-../src/sshmasterconnection.cpp:168> SshMasterConnection, host
"localhost"; port 49199; user "Adam.Dorsey";
useproxy false; proxyserver ""; proxyport 22
x2go-DEBUG-../src/sshmasterconnection.cpp:248> Starting SSH connection
without Kerberos authentication.
x2go-DEBUG-../src/sshmasterconnection.cpp:250> SshMasterConnection,
instance SshMasterConnection(0x548e2a8)  created.
x2go-DEBUG-../src/sshmasterconnection.cpp:492> SshMasterConnection,
instance SshMasterConnection(0x548e2a8)  entering
thread.
x2go-DEBUG-../src/sshmasterconnection.cpp:573> Setting SSH directory to
C:/Users/Adam/ssh
x2go-DEBUG-../src/sshmasterconnection.cpp:795> Session port before config
file parse: 49199
x2go-DEBUG-../src/sshmasterconnection.cpp:805> Session port after config
file parse: 49199

On Tue, Aug 17, 2021 at 11:45 AM Adam Dorsey - NOAA Affiliate <
adam.dorsey@noaa.gov> wrote:

> A quick update for this bug:
>
> Today I tested the same scenario (Cipher aes128-ctr) on our test cluster
> using the latest Windows snapshot client, version
> 4.1.2.3-2021.07.13-df4a8ec.  The issue as described in this bug report is
> still present.
>
> Thanks,
> Adam
>
> On Fri, Mar 19, 2021 at 2:28 PM Adam Dorsey - NOAA Affiliate <
> adam.dorsey@noaa.gov> wrote:
>
>> I can confirm this issue in my own environment as well.  X2Go server
>> version is 4.1.0.3-9.el7 running on CentOS 7.  Affected users are running
>> X2Go client version 4.1.2.2 on Windows 10 (though this may affect other
>> Windows versions as well).
>>
>> We forced the use of the aes128-ctr cipher yesterday on our cluster login
>> nodes to resolve a security issue raised by our security team.  To do this,
>> we added the following line to our SSH server config file:
>>
>> Ciphers aes128-ctr
>>
>> After making this change, several users running the X2Go client on
>> Windows 10 could no longer connect.  We found this bug report, and
>> subsequently reverted the above change, which resolved the issue.
>>
>> Please note that Linux clients appeared to be unaffected by this issue; I
>> was able to connect from a workstation running X2Go client version 4.1.2.2
>> on Ubuntu Linux 20.04 without any issues.
>>
>> --
>> Adam Dorsey
>> NOAA RDHPCS Systems Administrator Site Lead
>> CSRA / RedLine Performance Solutions, LLC
>>
>> NOAA NESCC
>> 1000 Galliher Drive, Suite 333, Fairmont, WV 26554
>> office: (304) 367-2882
>> cell: (304) 685-9345
>> adam.dorsey@noaa.gov
>>
>
>
> --
> Adam Dorsey
> NOAA RDHPCS Systems Administrator Site Lead
> CSRA / RedLine Performance Solutions, LLC
>
> NOAA NESCC
> 1000 Galliher Drive, Suite 333, Fairmont, WV 26554
> office: (304) 367-2882
> cell: (304) 685-9345
> adam.dorsey@noaa.gov
> _______________________________________________
> x2go-dev mailing list
> x2go-dev@lists.x2go.org
> https://lists.x2go.org/listinfo/x2go-dev
>


-- 
Adam Dorsey
NOAA RDHPCS Systems Administrator Site Lead
CSRA / RedLine Performance Solutions, LLC

NOAA NESCC
1000 Galliher Drive, Suite 333, Fairmont, WV 26554
office: (304) 367-2882
cell: (304) 685-9345
adam.dorsey@noaa.gov
[Message part 2 (text/html, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Thu Mar 28 08:48:11 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.