Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: dispatch_protocol_error

from [Dewey Hylton] Network Security [Permanent Link]
Subject: RE: dispatch_protocol_error
Date: Fri, 25 Jul 2008 11:52:47 -0400 
Quoting Dewey Hylton <dewey@hyltown.com>:


Quoting Spydr <spyderw3b@cox.net>:


okay - let me provide link as a reference after I explain - type 5 is ssh1
response to authentication attempt with a shared secret (SSH_AUTH_TIS) seq

5

means something is wrong with the user string

http://mia.ece.uic.edu/cgi-bin/lxr/http/source/ssh1.h?v=openssh-3.5p1
 

review the SSH1.h for additional types and seq responses. Typically, this

is

a result of a miss configuration on the client. Looks like from the logs
provide remote host got the public key for your machine, opened the

session

to authenticate the user but the user string didn't match an authorized
account



-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]

On

Behalf Of Dewey Hylton
Sent: Thursday, July 24, 2008 2:44 PM
To: secureshell@securityfocus.com
Subject: dispatch_protocol_error

i'm getting the following error in syslog:

Jul 24 11:40:22 possible-rogue-laptop sshd[19041]: Accepted publickey for
dewey from 127.0.0.1 port 40876 ssh2 Jul 24 11:40:22 possible-rogue-laptop
sshd[19044]: (pam_unix) session opened for user dewey by (uid=0) Jul 24
11:40:22 possible-rogue-laptop sshd[19044]: dispatch_protocol_error: type
5 seq 5


this happens on different target hosts running freebsd/openbsd/linux and
differing openssh versions; the sequence number is dynamic, but the type

is

not.

ssh key-based logins from openssh client via ssh-agent works fine. the
problem is only evident when attempting the same from paramiko (python ssh
client).

while the problem may be with how i'm controlling the python client, i

don't

know where to look or what to try because i haven't yet found what
"dispatch_protocol_error: type 5" means.

can someone shed some light on this?


excellent pointer, thanks for the lead. i'll start working in that
direction.
the interesting thing is that i *thought* the server config had ssh1
disabled.


i was right; ssh1 is disabled across all my hosts.

another interesting point:
the "seq" output appears to alternate between "type 5 seq 5" and "type 5 seq 13"
... i'm largely unfamiliar with C, so i still haven't tracked down exactly what
that means and what causes it.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: dispatch_protocol_error, Dewey Hylton
Next by Date:  Re: Can't run whoami(id -un) inside chroot jail using openssh native jail support, Greg Wooledge
Previous by Thread:  RE: dispatch_protocol_error, Dewey Hylton
Next by Thread:  RE: dispatch_protocol_error, Dewey Hylton
Indexes:  [Date] [Thread] [Top] [All Lists]