Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Secure Shell

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 07-13-2008, 07:22 AM
unky2020 unky2020 is offline
Registered User
 
Join Date: Jul 2008
Posts: 7
Incoming Packet was garbled on decryption

Hi there,

i use vshell 3.04 and set up the port forwarding feature.
when i use dynamic port forwarding with putty i receive this error message once in a while when i am surfing the web.

putty shows this error message:
Incoming Packet was garbled on decryption

and the connection is lost.

any ideas how to fix that ?
Reply With Quote
  #2  
Old 07-14-2008, 08:29 AM
kbarnette kbarnette is offline
VanDyke Technical Support
 
Join Date: Aug 2007
Posts: 585
Hi unky2020,

I have been able to find some information on this error from a Google search, but I will need a little more information from you to understand exactly what is happening.

Could you generate verbose logs with both putty and VShell, attempt the connection, reproduce the error, and send the resulting logs to support@vandyke.com?
To generate verbose logs in VShell, you will need to enable 'Debug' in the 'Logging' category of the VShell Control Panel.
When sending your logs via e-mail, it would be helpful if the subject of your message was set to 'Attn: Kevin Forum Thread 3055'
Reply With Quote
  #3  
Old 07-28-2008, 02:50 PM
unky2020 unky2020 is offline
Registered User
 
Join Date: Jul 2008
Posts: 7
time problems

at the moment i have difficulties with my time...
i have exams and family issues...

but i think the error is very easy reproducable.
just set up two systems.
on one launch vshell ssh server and on other one use putty with dynamic port forwarding, set up IE/firefox to use that as a socks5 proxy, then just browse some random websites... after few minutes u should have the error.

if the vandyke team care this issue, they already would do this kind of testing i guess, if not so no matter, i just wish would have this problem fixed.
Reply With Quote
  #4  
Old 07-28-2008, 03:03 PM
kbarnette kbarnette is offline
VanDyke Technical Support
 
Join Date: Aug 2007
Posts: 585
Hi unky2020,

We would like to investigate the issue you reported, but I have been unable to reproduce the error in putty.

I am not sure if this is an issue the resides on the client side, or server side, but to look into the issue we will need VShell Debug logs.

When you get a chance, could you please send us the VShell debug logs according to my previous instructions?
Reply With Quote
  #5  
Old 08-07-2008, 07:12 AM
unky2020 unky2020 is offline
Registered User
 
Join Date: Jul 2008
Posts: 7
using Putty 0.60 and Vshell 3.04.656 both on the same host. configuring putty to use dynamic port forwarding and visiting about 10 different websites with large images...
putty abort the connection after a few websites.

if having putty and vhsell on different phyical machines it will give the incoming packet error.


the log>

14:31:35,conn,00005: Connection accepted from 192.168.1.2:2332
14:31:35,dbg ,00005: [LOCAL DEBUG] SSH2Core version 4.3.0.656
14:31:35,dbg ,00005: [LOCAL DEBUG] Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
14:31:35,dbg ,00005: [LOCAL DEBUG] Using protocol SSH2
14:31:35,dbg ,00005: [LOCAL DEBUG] RECV : Remote Identifier = "SSH-2.0-PuTTY_Release_0.60"
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote can re-key
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote sends language in password change requests
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote sends algorithm name in PK_OK packets
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote sends algorithm name in public key packets
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote sends algorithm name in signatures
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote sends error text in open failure packets
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote sends name in service accept packets
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote includes port number in x11 open packets
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote uses 160 bit keys for SHA1 MAC
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote supports new diffie-hellman group exchange messages
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote correctly handles unknown SFTP extensions
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote correctly encodes OID for gssapi
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote can do SFTP version 4
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote uses SHA1 hash in RSA signatures for x.509v3
14:31:35,dbg ,00005: [LOCAL DEBUG] CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
14:31:35,dbg ,00005: [LOCAL DEBUG] SEND : KEXINIT
14:31:35,dbg ,00005: [LOCAL DEBUG] RECV : Read kexinit
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Kex Methods = diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Kex Method = diffie-hellman-group-exchange-sha1
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Host Key Algos = ssh-rsa,ssh-dss
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Host Key Algo = ssh-rsa
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Send Ciphers = aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Send Cipher = aes256-cbc
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Recv Ciphers = aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Recv Cipher = aes256-cbc
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Send Macs = hmac-sha1,hmac-sha1-96,hmac-md5
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Send Mac = hmac-sha1
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Recv Macs = hmac-sha1,hmac-sha1-96,hmac-md5
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Recv Mac = hmac-sha1
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Compressors = none,zlib
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Compressor = none
14:31:35,dbg ,00005: [LOCAL DEBUG] Available Remote Decompressors = none,zlib
14:31:35,dbg ,00005: [LOCAL DEBUG] Selected Decompressor = none
14:31:35,dbg ,00005: [LOCAL DEBUG] Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
14:31:35,dbg ,00005: [LOCAL DEBUG] RECV : KEXDH_GEX_REQUEST
14:31:35,dbg ,00005: [LOCAL DEBUG] SEND : KEXDH_GEX_GROUP
14:31:35,dbg ,00005: [LOCAL DEBUG] RECV : KEXDH_INIT
14:31:35,dbg ,00005: [LOCAL DEBUG] SEND : KEXDH_REPLY
14:31:35,dbg ,00005: [LOCAL DEBUG] SEND : NEWKEYS
14:31:35,dbg ,00005: [LOCAL DEBUG] Changing state from STATE_KEY_EXCHANGE to STATE_EXPECT_NEWKEYS
14:31:36,dbg ,00005: [LOCAL DEBUG] RECV : NEWKEYS
14:31:36,dbg ,00005: [LOCAL DEBUG] Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
14:31:36,dbg ,00005: [LOCAL DEBUG] RECV: SERVICE_REQUEST[ssh-userauth]
14:31:36,dbg ,00005: [LOCAL DEBUG] SEND: SERVICE_ACCEPT[ssh-userauth]
14:31:38,auth,00005: Client specified username testuser, resolved as TESTPC\testuser
14:31:38,auth,00005: none for user TESTPC\testuser rejected because it is unavailable
14:31:44,auth,00005: password for user TESTPC\testuser accepted
14:31:44,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[session]
14:31:44,conn,00005: Session channel open request accepted
14:31:44,dbg ,00005: Processing SessionChannel pty request
14:31:44,dbg ,00005: Client requested terminal type: xterm
14:31:44,dbg ,00005: Process SessionChannel shell request
14:31:44,dbg ,00005: Queued worker thread to load user environment
14:31:44,dbg ,00005: Worker thread starting user environment load. Username=testuser Logon Server=TESTPC Profile Path=
14:31:44,dbg ,00005: Worker thread finished user environment load
14:31:44,dbg ,00005: VSHELL_HOME is not valid, trying profile for user's home directory
14:31:44,dbg ,00005: Profile home directory is not valid, trying "My Documents" for user's home directory
14:31:44,dbg ,00005: Using home directory "C:\Dokumente und Einstellungen\testuser\Eigene Dateien" for user testuser
14:31:44,dbg ,00005: Received request to start C:\WINXP\system32\CMD.EXE via Scraper.exe
14:31:44,dbg ,00005: started user process (4056)
14:32:04,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[direct-tcpip]
14:32:04,fwd ,00005: Starting port forward to 91.198.174.3:80
14:32:09,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[direct-tcpip]
14:32:09,fwd ,00005: Starting port forward to 91.198.174.3:80
14:32:16,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[direct-tcpip]
14:32:16,fwd ,00005: Starting port forward to 91.198.174.2:80
14:32:34,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[direct-tcpip]
14:32:34,fwd ,00005: Starting port forward to 91.198.174.2:80
14:32:39,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[direct-tcpip]
14:32:39,fwd ,00005: Starting port forward to 91.198.174.3:80
14:32:58,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[direct-tcpip]
14:32:58,fwd ,00005: Starting port forward to 91.198.174.3:80
14:32:58,dbg ,00005: [LOCAL DEBUG] RECV: CHANNEL_OPEN[direct-tcpip]
14:32:58,fwd ,00005: Starting port forward to 91.198.174.3:80
14:33:08,dbg ,00005: [LOCAL DEBUG] RECV: TCP/IP close
14:33:08,dbg ,00005: [LOCAL DEBUG] Changing state from STATE_CONNECTION to STATE_CLOSED
14:33:08,conn,00005: The transport closed cleanly, but there were still channels active. All channels are being closed.

14:33:08,dbg ,00005: [LOCAL DEBUG] Connected for 93 seconds, 1558857 bytes sent, 114476 bytes received
14:33:08,conn,00005: Connection closed
14:33:08,dbg ,00005: Received EOF on stdout from running program

---------------------------
here is some putty log output...

Incoming raw data
Incoming packet type 94 / 0x5e (SSH2_MSG_CHANNEL_DATA)
Outgoing packet type 2 / 0x02 (SSH2_MSG_IGNORE) ....
Outgoing packet type 97 / 0x61 (SSH2_MSG_CHANNEL_CLOSE) ....
Outgoing raw data
Event Log: Forwarded port closed
Event Log: Opening forwarded connection to 212.222.52.39:80
Outgoing packet type 2 / 0x02 (SSH2_MSG_IGNORE) ....
Outgoing packet type 90 / 0x5a (SSH2_MSG_CHANNEL_OPEN)
Outgoing raw data
Event Log: Opening forwarded connection to 212.222.52.37:80
Outgoing packet type 2 / 0x02 (SSH2_MSG_IGNORE) ....
Outgoing packet type 90 / 0x5a (SSH2_MSG_CHANNEL_OPEN)
Outgoing raw data
Event Log: Opening forwarded connection to 212.222.52.37:80
Outgoing packet type 2 / 0x02 (SSH2_MSG_IGNORE) ....
Outgoing packet type 90 / 0x5a (SSH2_MSG_CHANNEL_OPEN)
Outgoing raw data
Incoming raw data
Event Log: Incoming packet was garbled on decryption

Last edited by unky2020; 08-07-2008 at 07:21 AM.
Reply With Quote
  #6  
Old 08-07-2008, 07:46 AM
unky2020 unky2020 is offline
Registered User
 
Join Date: Jul 2008
Posts: 7
the putty event log

2008-08-07 15:43:52 Looking up host "127.0.0.1"
2008-08-07 15:43:52 Connecting to 127.0.0.1 port 22
2008-08-07 15:43:52 Server version: SSH-2.0-VShell_3_0_4_656 VShell
2008-08-07 15:43:52 We claim version: SSH-2.0-PuTTY_Release_0.60
2008-08-07 15:43:52 Using SSH protocol version 2
2008-08-07 15:43:52 Doing Diffie-Hellman group exchange
2008-08-07 15:43:52 Doing Diffie-Hellman key exchange with hash SHA-1
2008-08-07 15:43:52 Host key fingerprint is:
2008-08-07 15:43:52 ssh-rsa 2048 4e:fb:44:b4:96:44:8a:f4:04:41:fd:e9:44:c7:94:44
2008-08-07 15:43:52 Initialised Blowfish-128 CBC client->server encryption
2008-08-07 15:43:52 Initialised HMAC-SHA1 client->server MAC algorithm
2008-08-07 15:43:52 Initialised Blowfish-128 CBC server->client encryption
2008-08-07 15:43:52 Initialised HMAC-SHA1 server->client MAC algorithm
2008-08-07 15:43:55 Sent password
2008-08-07 15:43:55 Access granted
2008-08-07 15:43:55 Opened channel for session
2008-08-07 15:43:55 Allocated pty (ospeed 100000000bps, ispeed 100000000bps)
2008-08-07 15:43:55 Started a shell/command
2008-08-07 15:44:10 Local port 1080 SOCKS dynamic forwarding
2008-08-07 15:44:12 Opening forwarded connection to 213.191.85.167:443
2008-08-07 15:44:13 Opening forwarded connection to 213.191.85.167:443
2008-08-07 15:44:20 Opening forwarded connection to 66.151.244.162:443
2008-08-07 15:44:28 Opening forwarded connection to 212.162.62.43:80
2008-08-07 15:44:30 Opening forwarded connection to 85.25.94.87:80
2008-08-07 15:44:30 Opening forwarded connection to 212.162.62.12:80
2008-08-07 15:44:30 Opening forwarded connection to 216.52.17.134:80
2008-08-07 15:44:30 Opening forwarded connection to 212.162.62.34:80
2008-08-07 15:44:30 Opening forwarded connection to 80.190.151.35:80
2008-08-07 15:44:30 Opening forwarded connection to 74.125.39.167:80
2008-08-07 15:44:30 Forwarded port closed
2008-08-07 15:44:30 Opening forwarded connection to 62.32.97.14:80
2008-08-07 15:44:30 Forwarded port closed
2008-08-07 15:44:30 Opening forwarded connection to 80.190.151.20:80
2008-08-07 15:44:30 Forwarded port closed
2008-08-07 15:44:30 Forwarded port closed
2008-08-07 15:44:30 Forwarded port closed
2008-08-07 15:44:30 Opening forwarded connection to 80.190.151.20:80
2008-08-07 15:44:30 Opening forwarded connection to 195.189.236.30:80
2008-08-07 15:44:31 Forwarded port closed
2008-08-07 15:44:31 Forwarded port closed
2008-08-07 15:44:31 Opening forwarded connection to 212.222.52.21:80
2008-08-07 15:44:31 Opening forwarded connection to 209.62.177.57:80
2008-08-07 15:44:31 Opening forwarded connection to 4.71.209.6:80
2008-08-07 15:44:31 Opening forwarded connection to 62.32.97.14:80
2008-08-07 15:44:31 Forwarded port closed
2008-08-07 15:44:31 Opening forwarded connection to 212.222.52.21:80
2008-08-07 15:44:32 Opening forwarded connection to 212.222.52.41:80
2008-08-07 15:44:32 Opening forwarded connection to 212.222.52.41:80
2008-08-07 15:44:32 Forwarded port closed
2008-08-07 15:44:32 Forwarded port closed
2008-08-07 15:44:32 Forwarded port closed
2008-08-07 15:44:32 Forwarded port closed
2008-08-07 15:44:33 Opening forwarded connection to 209.62.177.57:80
2008-08-07 15:44:33 Forwarded port closed
2008-08-07 15:44:33 Opening forwarded connection to 212.222.52.21:80
2008-08-07 15:44:33 Incoming packet was garbled on decryption


by the way, i have the problem just when using the vshell (win xp) server. using port forwarding with other openssh linux servers works just fine.

Last edited by unky2020; 08-07-2008 at 07:49 AM.
Reply With Quote
  #7  
Old 08-07-2008, 10:11 AM
kbarnette kbarnette is offline
VanDyke Technical Support
 
Join Date: Aug 2007
Posts: 585
Hi unky2020,

I have submitted an investigation report regarding this issue.

We will keep you posted as more information is made available.
Reply With Quote
  #8  
Old 08-18-2008, 07:33 AM
kbarnette kbarnette is offline
VanDyke Technical Support
 
Join Date: Aug 2007
Posts: 585
Hi unky2020,

We have been unable to reproduce the error you have described and had a few questions:

Does this only happen with a specific type of traffic (can you forward SFTP or shell traffic)?

Does the same issue occur if the same port forward scenario is set up with SecureCRT?

The link to download an evaluation copy of SecureCRT is below:
http://www.vandyke.com/download/securecrt/index.html
You mentioned that putty->OpenSSH did not cause the problem.

Is the OpenSSH server on the same network as the VShell server?
Reply With Quote
  #9  
Old 08-20-2008, 11:33 AM
unky2020 unky2020 is offline
Registered User
 
Join Date: Jul 2008
Posts: 7
other network

the openssh server is on another network. in my situation this just occured when forwarding http traffic. i am not sure if sftp forwarding works fine, but i dont need to know it, since i actually dont need it.
maybe its because opening too many http connections in a short time?
might it have something to do with MTU size ?
Reply With Quote
  #10  
Old 08-20-2008, 11:38 AM
kbarnette kbarnette is offline
VanDyke Technical Support
 
Join Date: Aug 2007
Posts: 585
Hi unky2020,

It's hard to tell exactly what the cause of the issue is since we are unable to reproduce the error you described in-house.

Were you able to attempt the http dynamic forward with SecureCRT?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 07:11 PM.