Date: Thu, 16 Dec 1999 11:09:33 -0700 (MST) From: John and Jennifer Reynolds <jjreynold@home.com> To: freebsd-hackers@freebsd.org Subject: anybody using tn-gw-nav to tunnel ssh through a proxy? Message-ID: <14425.10973.878258.39420@whale.home-net>
next in thread | raw e-mail | index | archive | help
hello hackers, I have a rather bizzare problem and I'm hoping that somebody here can help me find the solution or at least other places to go look. At work, we use the tn-gw software to allow users to telnet out to hosts outside our firewall when necessary. There is some software called tn-gw-nav available at ftp://ftp.nlc.net.au/pub/unix/tn-gw-nav/index.html that claims to be able to allow a user to use ssh over the telnet gateway. A co-worker who has the exact same cable-modem setup that I have has gotten this working with his Linux box. He can ssh directly to his box from work. When I tried setting this software up on my end here, I ran into strange problems we can't duplicate with his Linux box. I modified /etc/services and /etc/inetd.conf like the above URL instructs (I'm not running TCP wrappers, yet). I can telnet to my "high" port and see that ssh is "answering" Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. SSH-1.5-OpenSSH-1.2 but upon trying to ssh from work to my box I get this error message: Local: Corrupted check bytes on input. If I run just the "ssh" port instead of openssh, I get the following in my messages file each time the connection fails: Dec 16 09:41:00 dolphin sshd[30368]: fatal: Local: Bad packet length 4267834977. Both of these error messages seem to be coming from sshd (grepping for strings in the binary). A "verbose" output from ssh trying to connect to my machine shows: hip186 [~]<471>% ssh -v dolphin SSH Version 1.2.20 [hppa1.1-hp-hpux10.20], protocol version 1.5. Standard version. Does not use RSAREF. hip186: Reading configuration data /eng/eng9/jreynold/.ssh/config hip186: Applying options for dolphin hip186: ssh_connect: getuid 25155 geteuid 25155 anon 1 hip186: Executing proxy command: exec tn-gw-nav -i -h proxy.domain.com hostname.home.com 3456 hip186: Remote protocol version 1.5, remote software version 1.2.27 hip186: Waiting for server public key. hip186: Received server public key (768 bits) and host key (1024 bits). hip186: Host 'hostname.home.com' is known and matches the host key. hip186: Initializing random; seed file /eng/eng9/jreynold/.ssh/random_seed hip186: Encryption type: idea hip186: Sent encrypted session key. Local: Corrupted check bytes on input. I have tried everything I can think of to get around this problem. I've tried: o using the OpenSSH port o using the linux binary for tn-gw-nav from my co-worker's Linux box o compiling tn-gw-nav with no optimization Nothing seems to work. Does anybody have any clues as to what *might* be going on here? The 4267834977 in the "bad packet length" seems awfully large, yes? With everything else being "identical" on my co-worker's Linux box (same port used, same version of OpenSSH and ssh1, same version of tn-gw-nav, and same version of ssh used here at work) it appears that something FreeBSD-related is causing me the grief. I am perfectly willing to debug this to the eye teeth (because I *really* want this functionality), but I need some pointers as to where to look. I will begin with the sshd source, but with any good debugging problem, I have to rule out FreeBSD's network code and possibly the "ed" driver as "suspects." I have searched the archives for these particular error messages but came up dry. Thank you for any "tips" as to where to look next. -Jr -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= John Reynolds jjreynold@home.com FreeBSD 3.3-STABLE. FreeBSD: The Power to Serve. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14425.10973.878258.39420>