Wireshark mailing list archives
Re: Clue on sshdump w/special characters in passwords
From: Jeff Morriss <jeff.morriss.ws () gmail com>
Date: Fri, 31 Jul 2020 10:28:17 -0400
If this reflects what was actually sent on the command line: --remote-password XXXXXXXXXX then it sounds like a quoting problem to me. That is, it should be: --remote-password "XXXXXXXXX" I'd suggest opening a bug report: https://bugs.wireshark.org On Fri, Jul 31, 2020 at 7:49 AM Jason Lixfeld <jason+wireshark () lixfeld ca> wrote:
Hi, No, ‘X’ is what the debug logger obfuscates the password to. A special character could be, for example, one that is returned when you hold shift and hit one of the top row of numbers on your keyboard (US layout). Sent from a mobile deviceOn Jul 31, 2020, at 7:34 AM, Jaap Keuter <jaap.keuter () xs4all nl> wrote: Hi, I recon ‘X’ is not a special character, so what did you consider specialin this context?Thanks, JaapOn 30 Jul 2020, at 22:38, Jason Lixfeld <jason+wireshark () lixfeld ca>wrote:Hi, I’m wondering if anyone has some clue on a sshdump GUI oddity. Theattempt to start the sshdump always seems to result in an authentication failure when a special character is used in the password:Error by extcap pipe: ** (process:27640): WARNING **: Error creating connection. ** (process:27640): WARNING **: Can't find a valid authentication.Disconnecting.jlixfeld@BlackBox Desktop % more wireshark-debug.txt cmdline: /Applications/Wireshark.app/Contents/MacOS/extcap/sshdump--capture --extcap-interface sshdump --fifo /var/folders/ht/pffb_rd133jd1x12w50hdzcr0000gn/T//wireshark_extcap_sshdump_20200730163607_gRRHD2 --remote-capture-command bash /sbin/tcpdump -i mirror0 -w - --debug-file /Users/jlixfeld/Desktop/wireshark-debug.txt --remote-host 192.168.57.108 --remote-port 22 --remote-password XXXXXXXXXX --remote-username jlixfeld --debug[ssh_connect] ssh_connect: libssh 0.9.0 (c) 2003-2019 ArisAdamantiadis, Andreas Schneider and libssh contributors. Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_pthread[ssh_socket_connect] ssh_socket_connect: Nonblocking connection socket:5[ssh_connect] ssh_connect: Socket connecting, now waiting for thecallbacks to work[socket_callback_connected] socket_callback_connected: Socketconnection callback: 1 (0)[ssh_client_connection_callback] ssh_client_connection_callback: SSHserver banner: SSH-2.0-OpenSSH_7.8[ssh_analyze_banner] ssh_analyze_banner: Analyzing banner:SSH-2.0-OpenSSH_7.8[ssh_analyze_banner] ssh_analyze_banner: We are talking to an OpenSSHclient version: 7.8 (70800)[ssh_known_hosts_read_entries] ssh_known_hosts_read_entries: Failed toopen the known_hosts file '/etc/ssh/ssh_known_hosts': No such file or directory[ssh_kex_select_methods] ssh_kex_select_methods: Negotiatedcurve25519-sha256 () libssh org,ecdsa-sha2-nistp521,aes256-gcm () openssh com, aes256-gcm () openssh com,hmac-sha2-256-etm () openssh com, hmac-sha2-256-etm () openssh com,none,none,,[ssh_init_rekey_state] ssh_init_rekey_state: Set rekey after 4294967296blocks[ssh_init_rekey_state] ssh_init_rekey_state: Set rekey after 4294967296blocks[ssh_packet_client_curve25519_reply]ssh_packet_client_curve25519_reply: SSH_MSG_NEWKEYS sent[ssh_packet_newkeys] ssh_packet_newkeys: Received SSH_MSG_NEWKEYS [ssh_packet_newkeys] ssh_packet_newkeys: Signature verified and valid [ssh_agent_get_ident_count] ssh_agent_get_ident_count: Answer type: 12,expected answer: 12[ssh_pki_import_pubkey_file] ssh_pki_import_pubkey_file: Error opening/Users/jlixfeld/.ssh/id_ed25519.pub: No such file or directory[ssh_pki_import_privkey_file] ssh_pki_import_privkey_file: Erroropening /Users/jlixfeld/.ssh/id_ed25519: No such file or directory[ssh_pki_import_pubkey_file] ssh_pki_import_pubkey_file: Error opening/Users/jlixfeld/.ssh/id_ecdsa.pub: No such file or directory[ssh_pki_import_privkey_file] ssh_pki_import_privkey_file: Erroropening /Users/jlixfeld/.ssh/id_ecdsa: No such file or directory[ssh_packet_userauth_failure] ssh_packet_userauth_failure: Accessdenied for 'publickey'. Authentication that can continue: publickey,keyboard-interactive[ssh_packet_userauth_failure] ssh_packet_userauth_failure: Accessdenied for 'publickey'. Authentication that can continue: publickey,keyboard-interactive[ssh_pki_import_pubkey_file] ssh_pki_import_pubkey_file: Error opening/Users/jlixfeld/.ssh/id_dsa.pub: No such file or directory[ssh_pki_import_privkey_file] ssh_pki_import_privkey_file: Erroropening /Users/jlixfeld/.ssh/id_dsa: No such file or directory[ssh_userauth_publickey_auto] ssh_userauth_publickey_auto: Tried everypublic key, none matched[ssh_packet_userauth_failure] ssh_packet_userauth_failure: Accessdenied for 'password'. Authentication that can continue: publickey,keyboard-interactive[ssh_packet_userauth_failure] ssh_packet_userauth_failure: Accessdenied for 'password'. Authentication that can continue: publickey,keyboard-interactivejlixfeld@BlackBox Desktop % Is there some magic required to use special characters in passwords? macOS Catalina Wireshark 3.0.12 Thanks in advance!___________________________________________________________________________Sent via: Wireshark-users mailing list <wireshark-users () wireshark org Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org ?subject=unsubscribe
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- Clue on sshdump w/special characters in passwords Jason Lixfeld (Jul 30)
- Re: Clue on sshdump w/special characters in passwords Jaap Keuter (Jul 31)
- Re: Clue on sshdump w/special characters in passwords Jason Lixfeld (Jul 31)
- Re: Clue on sshdump w/special characters in passwords Jeff Morriss (Jul 31)
- Re: Clue on sshdump w/special characters in passwords Jason Lixfeld (Jul 31)
- Re: Clue on sshdump w/special characters in passwords Jason Lixfeld (Jul 31)
- Re: Clue on sshdump w/special characters in passwords Jaap Keuter (Jul 31)