0 votes
by (120 points)
edited by

A error below occurs occasionally when accessing to OpenSsh8.0p1 via Scp.GetFile().
Scp.GetFile() works always correctlly when accessing to OpenSsh
7.8p1.

Rebex error
"ClassName": "Rebex.Net.ScpException", "Message": "Cannot open channel; connect failed. Open failed.", "Data": { "ScpStatus": 1, "Status": 3 },

sshd(OpenSsh_8.0p1) error
Nov 19 15:37:12 rhel80 sshd[2349]: error: server_input_channel_open: invalid remote channel ID

I think the error occurs after this commit of OpenSsh (included in OpenSshd_8.0p1) but I don't know the commit is correct or not.
https://github.com/openssh/openssh-portable/commit/7ec5cb4d15ed2f2c5c9f5d00e6b361d136fc1e2d#diff-68e5826568dd6f49d090ff4387c220d6R685

Is this a Rebex issue or OpenSsh issue or any other issue?

Does Anyone have any information or solutions about this?

1 Answer

0 votes
by (144k points)

Hello, thanks for bringing this issue to our attention!

It is apparently caused by a bug in OpenSSH that was introduced in the commit you found:

if (rchan > INT_MAX) {
    error("%s: invalid remote channel ID", __func__);

The 'rchan' variable represents SSH_MSG_CHANNEL_OPEN message's 'sender channel' field, which is supposed to be uint32, a 32-bit unsigned integer (see RFC 4254). This means that OpenSSH's check with INT_MAX (the upper bound for signed 32-bit integer) is wrong.

Rebex generates 'sender channel' numbers randomly (except the first allocated channel, which always uses 0) within the uint32 range, which means that when communicating with OpenSSH 8 using SCP (which, unlike SFTP, involves a new channel for each transfer), there is a 50 % chance that a correct 'sender channel' number would be rejected by the server.

Fortunately, adding a workaround for this server-side bug is simple for us - we can just limit our 'sender channel' numbers to int32 as well. Then, the bug will not manifest itself. We'll prepare a hotfix and send you a link shortly.

by (120 points)
Thanks for your reply.
I'm looking forward to it!
by (144k points)
I just sent a link to a hotfix build to your e-mail address. The hotfix is stable and can be used in production. Please give it a try and let us know whether it solved the issue.
by (120 points)
It works.

I have tested communication with OpenSSH 8 using Scp.GetFile() about 50 times and no error has occured.

Thank you!
by (144k points)
Thank you as well! We'll include this change in the next release.
...