Trying to connect to a Cisco IOS device using the wolfSSH library.
Following is the code segment used to connect:
WOLFSSH_CTX* ctx = NULL;
WOLFSSH* ssh = NULL;
SOCKET_T sockFd = WOLFSSH_SOCKET_INVALID;
SOCKADDR_IN_T clientAddr;
socklen_t clientAddrSz = sizeof(clientAddr);
char rxBuf[80];
int ret;
int ch;
word16 port = 22;
const char* host = "xx.xx.xx.xx";
const char* username = "wwww";
const char* password = "wwww";
const char* cmd = "sh clock";

wolfSSH_Debugging_ON();
WSTARTTCP();
wolfSSH_Init();

ctx = wolfSSH_CTX_new(WOLFSSH_ENDPOINT_CLIENT, NULL);
if (ctx == NULL)
    err_sys("Couldn't create wolfSSH client context.");
wolfSSH_SetUserAuth(ctx, wsUserAuth);

ssh = wolfSSH_new(ctx);
if ( ssh == NULL ) {
    err_sys("Failed to create SSH");
}
wolfSSH_SetUserAuthCtx(ssh, (void*)password);
ret = wolfSSH_SetUsername(ssh, username);
if (ret != WS_SUCCESS)
    err_sys("Couldn't set the username.");

build_addr(&clientAddr, (char *)host, port);
tcp_socket(&sockFd);
ret = connect(sockFd, (const struct sockaddr *)&clientAddr, clientAddrSz);
if (ret != 0) {
    err_sys("Couldn't connect to server.");
}
else {
    cout << "Connected to "<<host<<endl;
}

ret = wolfSSH_set_fd(ssh, (int)sockFd);
if (ret != WS_SUCCESS)
    err_sys("Couldn't set the session's socket.");
ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        NULL, 0);
if (ret != WS_SUCCESS)
    err_sys("Couldn't set the channel type.");
ret = wolfSSH_connect(ssh);
if (ret != WS_SUCCESS)
    err_sys("Couldn't connect ssh.");
But it ends up with the following error log.
Unable to proceed.
Getting the error in wolfSSH_connect(ssh):
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_Init()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-13 07:01:55 [DEBUG] Entering CtxInit()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 00000072FB1E7D80
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_new()
2020-05-13 07:01:55 [DEBUG] Entering SshInit()
2020-05-13 07:01:55 [DEBUG] Entering HandshakeInfoNew()
2020-05-13 07:01:55 [DEBUG] Leaving wolfSSH_new(), ssh = 00000072FB1E93E0
Connected to xx.xx.xx.xx
2020-05-13 07:01:55 [DEBUG] Entering wolfSSH_set_fd()
2020-05-13 07:01:55 [DEBUG] No subsystem name or name was too large
2020-05-13 07:02:04 [DEBUG] Entering wolfSSH_connect()
2020-05-13 07:02:30 [DEBUG] SSH-2.0-wolfSSHv1.4.3
2020-05-13 07:02:30 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-13 07:02:30 [DEBUG] Embed Send trying to send 23
2020-05-13 07:02:30 [DEBUG] Embed Send sent 23
2020-05-13 07:02:30 [DEBUG] SB: Shrinking output buffer
2020-05-13 07:02:30 [DEBUG] Entering ShrinkBuffer()
2020-05-13 07:02:30 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-13 07:02:30 [DEBUG] SB: releasing dynamic buffer
2020-05-13 07:02:30 [DEBUG] Leaving ShrinkBuffer()
2020-05-13 07:02:34 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-13 07:02:41 [DEBUG] Receive: recvd = 255
2020-05-13 07:03:30 [DEBUG] get input text failed
2020-05-13 07:03:35 [DEBUG] connect error: CLIENT_VERSION_SENT, -1013
Update
Tried the same code with wolfSSH 1.4.4 (the latest version from GitHub).
The SSH connect made some progress.
But it crashed in rsa.c at XMEMSET...
int wc_InitRsaKey_ex(RsaKey* key, void* heap, int devId)
{
    int ret = 0;
    if (key == NULL) {
        return BAD_FUNC_ARG;
    }
    XMEMSET(key, 0, sizeof(RsaKey));
Following is the error log.
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_Init()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_Init(), returning 0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_CTX_new()
2020-05-15 05:51:28 [DEBUG] Entering CtxInit()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_CTX_new(), ctx = 000000AFC91FDFD0
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_new()
2020-05-15 05:51:28 [DEBUG] Entering SshInit()
2020-05-15 05:51:28 [DEBUG] Entering HandshakeInfoNew()
2020-05-15 05:51:28 [DEBUG] Leaving wolfSSH_new(), ssh = 000000AFC91FE050
Connected to xx.xx.xx.xx
2020-05-15 05:51:28 [DEBUG] Entering wolfSSH_set_fd()
2020-05-15 05:51:32 [DEBUG] No subsystem name or name was too large
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_connect()
2020-05-15 05:51:38 [DEBUG] SSH-2.0-wolfSSHv1.4.4
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 23
2020-05-15 05:51:38 [DEBUG] Embed Send sent 23
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_VERSION_SENT
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 255
2020-05-15 05:51:38 [DEBUG] Checking for old version of protocol exchange
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 236, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_VERSION_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 4
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 376
2020-05-15 05:51:38 [DEBUG] Embed Send sent 376
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXINIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 312
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 76
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 312
2020-05-15 05:51:38 [DEBUG] VM: seq = 0
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 0
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXINIT
2020-05-15 05:51:38 [DEBUG] Entering DoKexInit()
2020-05-15 05:51:38 [DEBUG] DKI: KEX Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = diffie-hellman-group14-sha1
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Server Host Key Algorithms
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = ssh-rsa
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Enc Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = aes128-ctr
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: MAC Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha2-256
2020-05-15 05:51:38 [DEBUG] DNL: name ID = unknown
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1
2020-05-15 05:51:38 [DEBUG] DNL: name ID = hmac-sha1-96
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Client to Server
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Compression Algorithms - Server to Client
2020-05-15 05:51:38 [DEBUG] Entering GetNameList()
2020-05-15 05:51:38 [DEBUG] DNL: name ID = none
2020-05-15 05:51:38 [DEBUG] Leaving GetNameList(), ret = 0
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Client to Server
2020-05-15 05:51:38 [DEBUG] DKI: Languages - Server to Client
2020-05-15 05:51:38 [DEBUG] DKI: KEX Packet Follows
2020-05-15 05:51:38 [DEBUG] DKI: For Future Use
2020-05-15 05:51:38 [DEBUG] Leaving DoKexInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] PR3: peerMacSz = 0
2020-05-15 05:51:38 [DEBUG] PR4: Shrinking input buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 1
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] PR5: txCount = 376, rxCount = 312
2020-05-15 05:51:38 [DEBUG] connect state: SERVER_KEXINIT_DONE
2020-05-15 05:51:38 [DEBUG] Entering SendKexDhInit()
2020-05-15 05:51:38 [DEBUG] BP: paddingSz = 5
2020-05-15 05:51:38 [DEBUG] CreateMac none
2020-05-15 05:51:38 [DEBUG] Encrypt none
2020-05-15 05:51:38 [DEBUG] Entering wolfSSH_SendPacket()
2020-05-15 05:51:38 [DEBUG] Embed Send trying to send 272
2020-05-15 05:51:38 [DEBUG] Embed Send sent 272
2020-05-15 05:51:38 [DEBUG] SB: Shrinking output buffer
2020-05-15 05:51:38 [DEBUG] Entering ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] SB: usedSz = 0, forcedFree = 0
2020-05-15 05:51:38 [DEBUG] SB: releasing dynamic buffer
2020-05-15 05:51:38 [DEBUG] Leaving ShrinkBuffer()
2020-05-15 05:51:38 [DEBUG] Leaving SendKexDhInit(), ret = 0
2020-05-15 05:51:38 [DEBUG] connect state: CLIENT_KEXDH_INIT_SENT
2020-05-15 05:51:38 [DEBUG] PR1: size = 8
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 8
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] PR2: size = 832
2020-05-15 05:51:38 [DEBUG] Receive: recvd = 824
2020-05-15 05:51:38 [DEBUG] Decrypt none
2020-05-15 05:51:38 [DEBUG] VerifyMac none
2020-05-15 05:51:38 [DEBUG] VM: inSz = 832
2020-05-15 05:51:38 [DEBUG] VM: seq = 1
2020-05-15 05:51:38 [DEBUG] VM: keyLen = 0
2020-05-15 05:51:38 [DEBUG] DoPacket sequence number: 1
2020-05-15 05:51:38 [DEBUG] Decoding MSGID_KEXDH_REPLY
2020-05-15 05:51:38 [DEBUG] Entering DoKexDhReply()
2020-05-15 05:51:38 [DEBUG] DKDR: no public key check callback, accepted
Following is the log from PuTTY, which connects to the same IOS device.
2020-05-15 19:53:37 Connecting to xx.xx.x.x port 22
2020-05-15 19:53:37 We claim version: SSH-2.0-PuTTY_Release_0.70
2020-05-15 19:53:38 Server version: SSH-2.0-Cisco-1.25
2020-05-15 19:53:38 We believe remote version has SSH-1 ignore bug
2020-05-15 19:53:38 We believe remote version needs a plain SSH-1 password
2020-05-15 19:53:38 We believe remote version can't handle SSH-1 RSA authentication
2020-05-15 19:53:38 Using SSH protocol version 2
2020-05-15 19:53:38 Doing Diffie-Hellman group exchange
2020-05-15 19:53:38 Doing Diffie-Hellman key exchange with hash SHA-1
2020-05-15 19:53:39 Host key fingerprint is:
2020-05-15 19:53:39 ssh-rsa 2048 7c:23:fc:cf:17:2a:9e:6b:38:d8:03:21:67:0f:b4:c3
2020-05-15 19:53:39 Initialised AES-256 SDCTR client->server encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 client->server MAC algorithm
2020-05-15 19:53:39 Initialised AES-256 SDCTR server->client encryption
2020-05-15 19:53:39 Initialised HMAC-SHA-256 server->client MAC algorithm
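Best answer
There are a few things to check.
The first is that wolfSSH_SetChannelType should take the command and the length of the command as the last two arguments.
ret = wolfSSH_SetChannelType(ssh, WOLFSSH_SESSION_EXEC,
        /* string length: sizeof(cmd) on a char pointer is only the pointer size */
        (byte*)cmd, (word32)strlen(cmd));
This was probably just a typo though, and I would expect it to show up as a different error in connect, like -1009, so it is not the main issue here.
The second thing to check is which SSH version the Cisco IOS device supports. If it is using an older version of SSH, that could cause a version error to be listed.
The third, and the one most likely to be useful here, is that if this is with the wolfSSH 1.4.3 release bundle, it was strict about requiring the protocol exchange message to end with "\r\n" as per the RFC. It was updated to be more forgiving in wolfSSH version 1.4.4, to allow the protocol exchange to use just "\n". Looking at the debug log provided, I suspect this issue will go away after updating to wolfSSH 1.4.4 or by applying the changes from GitHub here (https://github.com/wolfSSL/wolfssh/pull/213).
Regards,
Jacob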
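The strict versus lenient line-ending handling described in the answer, shown as an added example that is not part of the original answer and is not wolfSSH's own code: a stand-alone parser for the RFC 4253 identification line. The function names, result codes and the bare-LF terminator of the sample banner are assumptions.

```c
/* Added example (hypothetical names, not wolfSSH code): RFC 4253 4.2 parser */
#include <stdio.h>
#include <string.h>
#define ID_MAX 255  /* RFC 4253 limit for the line, CR LF included */
enum { ID_OK = 0, ID_INCOMPLETE = -1, ID_BAD_EOL = -2,
       ID_TOO_LONG = -3, ID_BAD_VERSION = -4 };

/* strict != 0 demands CR LF; strict == 0 also accepts a bare LF.
 * Lines not starting with "SSH-" are pre-banner text and are skipped.
 * On ID_OK, out holds the line without its terminator. */
int parse_ssh_id(const char *buf, size_t len, int strict,
                 char *out, size_t outSz)
{
    size_t pos = 0;
    while (pos < len) {
        const char *line = buf + pos, *nl = memchr(line, '\n', len - pos);
        size_t rest = len - pos, lineLen, n;
        int isId = rest >= 4 && memcmp(line, "SSH-", 4) == 0;
        if (nl == NULL)
            return (isId && rest > ID_MAX) ? ID_TOO_LONG : ID_INCOMPLETE;
        lineLen = (size_t)(nl - line) + 1;          /* LF included */
        if (!isId) { pos += lineLen; continue; }    /* pre-banner line */
        if (lineLen > ID_MAX) return ID_TOO_LONG;
        n = lineLen - 1;
        if (n > 0 && line[n - 1] == '\r') n--;      /* CR LF */
        else if (strict) return ID_BAD_EOL;         /* bare LF */
        if (n < 8 || (memcmp(line + 4, "2.0-", 4) != 0 &&
                      memcmp(line + 4, "1.99-", 5) != 0))
            return ID_BAD_VERSION;                  /* only SSH-2 accepted */
        if (n >= outSz) return ID_TOO_LONG;         /* caller buffer too small */
        memcpy(out, line, n);
        out[n] = '\0';
        return ID_OK;
    }
    return ID_INCOMPLETE;
}

int check_banner(const char *s, int strict)
{
    char id[ID_MAX + 1];
    return parse_ssh_id(s, strlen(s), strict, id, sizeof id);
}

int main(void)
{   /* Constructed input: version string as PuTTY logged it; the bare LF
     * terminator is an assumption about what the device sends. */
    const char *lf = "SSH-2.0-Cisco-1.25\n";
    printf("strict=%d lenient=%d\n", check_banner(lf, 1), check_banner(lf, 0));
    return 0;
}
```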
Regarding "c - Unable to establish an SSH connection to a Cisco IOS device using the wolfSSH library", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/61776963/