1. Forum
  2. FidoNet
  3. SYNC SYSOPS

  • SSH ERROR 'Bad argument, parameter 3' (-3) setting private key

    From Rob Swindell@1:103/705 to GitLab issue in main/sbbs on Sun Jan 21 11:49:37 2024
    open https://gitlab.synchro.net/main/sbbs/-/issues/702

    Just started today:
    ```
    1/21 11:47:23a 2480 SSH [218.92.0.76] Connection accepted on 71.95.196.34 port 22 from port 12680
    1/21 11:47:23a Terminal Server 2480 SSH ERROR 'Bad argument, parameter 3' (-3) setting private key
    ```
    --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab note in main/sbbs on Sun Jan 21 11:50:59 2024
    https://gitlab.synchro.net/main/sbbs/-/issues/702#note_4709

    On the (Windows) ssh client side, I see:
    ```
    ssh vert.synchro.net
    kex_exchange_identification: read: Connection reset
    Connection reset by 2600:6c88:8c40:5b::f5a port 22
    ```
    --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Deucе@1:103/705 to GitLab note in main/sbbs on Sun Jan 21 12:01:05 2024
    https://gitlab.synchro.net/main/sbbs/-/issues/702#note_4710

    It sounds like the cryptlib doesn't have cl-ssh-list-ctr-modes.patch applied. You can verify that if adding `-c aes128-cbc` to the command-line makes it work. Also, adding `-c aes128-ctr` would make it not work and list supported cipers (which won't include CTR modes).
    --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab note in main/sbbs on Sun Jan 21 15:21:38 2024
    https://gitlab.synchro.net/main/sbbs/-/issues/702#note_4711

    No, that didn't help, and yes, I'm running the latest cryptlib patches:

    Windows SSH client:
    ```
    $ ssh -V
    OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3
    $ ssh -c aes128-cbc digital.man@vert.synchro.net
    Received disconnect from 2600:6c88:8c40:5b::f5a port 22:10:
    Disconnected from 2600:6c88:8c40:5b::f5a port 22
    ```

    server log messages
    ```
    1/21 03:18:35p 2304 SSH [2600:6c88:8c40:5b::f5a] Connection accepted on 2600:6c88:8c40:5b::f5a port 22 from port 62703
    1/21 03:18:35p 2304 SSH [2600:6c88:8c40:5b::f5a] Hostname: vert.search.charter.com
    1/21 03:18:35p 2304 SSH [2600:6c88:8c40:5b::f5a] Attaching to Node 1
    1/21 03:18:35p Node 1 03:18p Sun Jan 21 2024 Node 1
    1/21 03:18:35p Node 1 SSH vert.search.charter.com [2600:6c88:8c40:5b::f5a]
    1/21 03:18:38p Node 1 2304 SSH WARNING 'Invalid client pubkey data' (-32) setting session active
    1/21 03:18:38p Node 1 2304 SSH [2600:6c88:8c40:5b::f5a] session establishment failed
    1/21 03:18:39p Node 1 thread terminated (0 node threads remain, 4 clients served)
    ```

    BTW, it does work using my Debian Linux ssh client:
    ```
    $ ssh -V
    OpenSSH_9.2p1 Debian-2+deb12u2, OpenSSL 3.0.11 19 Sep 2023
    ```
    ... but I did get a heap corruption assertion in sbbsctrl.exe soon after.
    --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
  • From Rob Swindell@1:103/705 to GitLab note in main/sbbs on Mon Jan 22 13:57:03 2024
    https://gitlab.synchro.net/main/sbbs/-/issues/702#note_4712

    This appears to resolved now.
    --- SBBSecho 3.20-Linux
    * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)