SFTPServer bigfile download has "Connection reset by peer" test with FileZilla, scp(linux)

0 votes
asked Mar 13 by dskim (150 points)

I'm testing SFTP server
in Windows 10 and .net core 2.2 with Rebex.FileServer(5.0.7357)

when client download big file
closed by client after "Initiating key re-exchange"

This is my server code

when I using scp
then change bind protocol Sftp to Shell

        Rebex.Security.Cryptography.CryptoHelper.UseFipsAlgorithmsOnly = false;

        FileServer = new FileServer();

        FileServer.LogWriter = new Rebex.FileLogWriter("rebex.txt");
        FileServer.LogWriter.Level = Rebex.LogLevel.Debug;

        FileServer.Settings.ShellEncoding = System.Text.Encoding.UTF8;

        FileServer.Bind(22, FileServerProtocol.Sftp);

        SshPrivateKey privateKey = SshPrivateKey.Generate(SshHostKeyAlgorithm.RSA, 2048);

        FileServer.Keys.Add(privateKey);

        FileServer.Start();

it occurs scp and filezilla

I attach rebex logs with scp

2020-03-13 11:18:31.649 DEBUG ShellModule(1)[11] SSH: Opening file    '/~/SW_DVD9_Win_Pro_10_1903.1_64BIT_Korean_Pro_Ent_EDU_N_MLF_X22-14075.ISO' (Open, Read): success.
2020-03-13 11:18:45.621 DEBUG FileServer(1)[5] SSH: Session 1: Performing algorithm negotiation and key exchange.
2020-03-13 11:18:45.626 DEBUG FileServer(1)[4] SSH: Session 1: Performing key exchange using curve25519-sha256 with rsa-sha2-512.
2020-03-13 11:18:45.638 DEBUG FileServer(1)[5] SSH: Session 1: Current encryptor is aes128-ctr/hmac-sha2-256.
2020-03-13 11:18:45.661 DEBUG FileServer(1)[4] SSH: Session 1: Current decryptor is aes128-ctr/hmac-sha2-256.
2020-03-13 11:18:45.663 DEBUG FileServer(1)[4] SSH: Session 1: Key exchange finished.
2020-03-13 11:18:45.665 INFO FileServer(1)[4] SSH: Session 1: Connection reset by peer.
2020-03-13 11:18:45.702 ERROR FileServer(1)[12] SSH: Session 1: Error while sending packet data: System.Net.Sockets.SocketException (10054): 현재 연결은 원격 호스트에 의해 강제로 끊겼습니다
at pxbh.blyc(pxcr ne)
2020-03-13 11:18:45.703 ERROR ShellModule(1)[12] Server: Session 1: Error: pxbj: Error while sending packet data.

and it is scp -v log

debug1: rekeying in progress
debug1: rekeying in progress
debug1: Server host key: ssh-rsa SHA256:LvUH9F1LwzYI26gvB54CE8/HlYzZT+0GzdXBIFTU5nY
debug1: set_newkeys: rekeying, input 1114554432 bytes 69659560 blocks, output 314064 bytes 19540 blocks
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekeying in progress
debug1: rekeying in progress
debug1: rekeying in progress
debug1: rekeying in progress
debug1: rekeying in progress
debug1: rekeying in progress
debug1: SSH2_MSG_NEWKEYS received
debug1: set_newkeys: rekeying, input 1114603744 bytes 69662642 blocks, output 314064 bytes 0 blocks
debug1: rekey after 4294967296 blocks
Bad packet length 2538355513.
ssh_dispatch_run_fatal: Connection to 192.168.32.47 port 22: message authentication code incorrect
lost connection

next rebex log with fileZilla

2020-03-13 11:34:35.781 DEBUG FileServer(1)[10] SSH: Session 3: Performing algorithm negotiation and key exchange.
2020-03-13 11:34:35.781 DEBUG FileServer(1)[10] SSH: Session 3: Performing key exchange using curve25519-sha256@libssh.org with ssh-rsa.
2020-03-13 11:34:35.785 DEBUG FileServer(1)[10] SSH: Session 3: Current encryptor is aes256-ctr/hmac-sha2-256.
2020-03-13 11:34:35.790 DEBUG FileServer(1)[10] SSH: Session 3: Current decryptor is aes256-ctr/hmac-sha2-256.
2020-03-13 11:34:35.790 DEBUG FileServer(1)[10] SSH: Session 3: Key exchange finished.
2020-03-13 11:34:35.830 DEBUG FileServer(1)[10] SSH: Session 3: Received SSH_MSG_CHANNEL_REQUEST: winadj@putty.projects.tartarus.org('').
2020-03-13 11:34:55.864 DEBUG FileServer(1)[10] SSH: Session 3: Performing algorithm negotiation and key exchange.
2020-03-13 11:34:55.864 DEBUG FileServer(1)[10] SSH: Session 3: Performing key exchange using curve25519-sha256@libssh.org with ssh-rsa.
2020-03-13 11:34:55.868 DEBUG FileServer(1)[10] SSH: Session 3: Current encryptor is aes256-ctr/hmac-sha2-256.
2020-03-13 11:34:55.872 DEBUG FileServer(1)[10] SSH: Session 3: Current decryptor is aes256-ctr/hmac-sha2-256.
2020-03-13 11:34:55.872 DEBUG FileServer(1)[10] SSH: Session 3: Key exchange finished.
2020-03-13 11:34:55.875 INFO FileServer(1)[10] SSH: Session 3: Connection reset by peer.
2020-03-13 11:34:55.936 ERROR FileServer(1)[5] SSH: Session 3: Error while sending packet data: System.Net.Sockets.SocketException (10054): 현재 연결은 원격 호스트에 의해 강제로 끊겼습니다
   at pxbh.blyc(pxcr ne)
2020-03-13 11:34:55.937 ERROR SftpModule(1)[5] Server: Session 3: Error: pxbj: Error while sending packet data.
   at pxbh.blyc(pxcr ne)
   at pxaf.vdhi(Int32 agh, Byte[] agi, Int32 agj, Int32 agk)
   at pxaf.vdhi(Byte[] agl, Int32 agm, Int32 agn)
   at pwzi.wunb(ArraySegment`1 di, Action`1 dj)
   at pwzm.rlyf(omyj gb)
   at pwzm.rlxs(omyj fa, Int32 fb)
   at pwzm.wund(omyj adf)

and fileZilla's log
(ignore korean message it just "trace", "error")

추적: Initiating key re-exchange (too much data received)
추적: Doing ECDH key exchange with curve Curve25519 and hash SHA-256 (unaccelerated)
추적: Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
추적: Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
추적: Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
추적: Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
추적: Initiating key re-exchange (too much data received)
추적: Doing ECDH key exchange with curve Curve25519 and hash SHA-256 (unaccelerated)
추적: Initialised AES-256 SDCTR (AES-NI accelerated) outbound encryption
추적: Initialised HMAC-SHA-256 (unaccelerated) outbound MAC algorithm
추적: Initialised AES-256 SDCTR (AES-NI accelerated) inbound encryption
추적: Initialised HMAC-SHA-256 (unaccelerated) inbound MAC algorithm
추적: Incoming packet was garbled on decryption
**오류:   FATAL ERROR: Incoming packet was garbled on decryption**
추적: CSftpControlSocket::OnTerminate without error
추적: CControlSocket::DoClose(66)
추적: CControlSocket::ResetOperation(66)
추적: CSftpFileTransferOpData::Reset(66) in state 4

and use linux's sftp command

debug1: rekeying in progress
debug1: rekeying in progress
debug1: rekeying in progress
debug1: rekeying in progress
debug1: Server host key: ssh-rsa SHA256:scHTMIjQvKeAnem0xRyAv4fvggRqfb5gDGWEtaZ1eI4
debug1: set_newkeys: rekeying, input 1311704976 bytes 81981469 blocks, output 2339216 bytes 146112 blocks
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: set_newkeys: rekeying, input 1311704992 bytes 81981470 blocks, output 2339216 bytes 0 blocks
debug1: rekey after 4294967296 blocks
Bad packet length 3357880771.
ssh_dispatch_run_fatal: Connection to 192.168.32.47 port 22: message authentication code incorrect
Connection closed

1 Answer

+1 vote
answered Mar 13 by Lukas Pokorny (116,670 points)

Hello, thanks for reporting this. We are looking into it.
In the meantime, please try disabling ECDH key exchange ciphers:

fileServer.Settings.SshParameters.SetKeyExchangeAlgorithms(
    "diffie-hellman-group14-sha256",
    "diffie-hellman-group15-sha512",
    "diffie-hellman-group16-sha512",
    "diffie-hellman-group-exchange-sha256",
    "diffie-hellman-group-exchange-sha1",
    "diffie-hellman-group14-sha1");
commented Mar 13 by dskim (150 points)
thx it works perfectly. I'll see ciphers options
commented Mar 13 by Lukas Pokorny (116,670 points)
By the way, does the error occur during all "key re-exchanges" (or "rekeying"), or only during some of them? We are trying to reproduce this with a recent version of FileZilla and OpenSSH's sftp and so far, all key exchanges have been successful. Which versions did you use? We would like to try those as well.
commented Mar 16 by dskim (150 points)
My environments

Windows 10 (build 18363)
and Rebex.FileServer(5.0.7357) from Nuget

FileZilla - Info
     3.47.2.1

ssh -V
    OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
commented Mar 16 by Lukas Pokorny (116,670 points)
Thanks! We can now reproduce the issue and we are investigating it.
commented Mar 16 by Lukas Pokorny (116,670 points)
This is caused by a bug in Rebex File Server's SSH negotiation routine. We'll fix this and publish a new version as soon as possible. Many thanks for bringing this to our attention!
commented Mar 19 by Lukas Pokorny (116,670 points)
edited May 26 by Lukas Pokorny
We already fixed this and plan to publish a new release next week. If you would like to try the current build, please let us know.
(The new version has now already been published - see https://www.rebex.net/file-server/history.aspx#2020R1.1 for details)
...