Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/ssh: Support setting a banner for a server that shows before authentication #19567

Closed
jaksi opened this issue Mar 16, 2017 · 4 comments
Closed
Milestone

Comments

@jaksi
Copy link

@jaksi jaksi commented Mar 16, 2017

This is described in RFC 4252.

@gopherbot gopherbot added this to the Unreleased milestone Mar 21, 2017
@kissgyorgy
Copy link

@kissgyorgy kissgyorgy commented May 1, 2017

I need this functionality also. I want to implement TOFU authentication and it's important to let users know when they authentication fails what's the problem. Currently this is not possible with x/crypto/ssh because config.PublicKeyCallback doesn't have access to the underlying transport and if authentication fails, NewServerConn conn will be nil so it's too late to send banner message after that call.

@gopherbot
Copy link

@gopherbot gopherbot commented Sep 21, 2017

Change https://golang.org/cl/65271 mentions this issue: ssh: add support for banners

tucksaun added a commit to tucksaun/crypto that referenced this issue Sep 28, 2017
According to RFC 4252 section 5.4, the banner is sent between the
ssh-connection request and responding to user authentication.

Original support for server sending banner by joshua stein <jcs@jcs.org>

Fixes golang/go#19567

Change-Id: I68944a7f4711c0623759f6a59023e8e45a8781aa
@GeorgeGkinis
Copy link

@GeorgeGkinis GeorgeGkinis commented Oct 20, 2017

I had issues logging in with Password when faced with an auth banner from the remote server.
Specifically the error I was getting was :

ssh: handshake failed: ssh: parse error in message type 53

Adding a Language string field in userAuthBannerMsg definition solved it for me.

type userAuthBannerMsg struct {
	Message 	string `sshtype:"53"`
	Language 	string
}
@gopherbot
Copy link

@gopherbot gopherbot commented Nov 1, 2017

Change https://golang.org/cl/71790 mentions this issue: ssh: add support for banners

tucksaun added a commit to tucksaun/crypto that referenced this issue Nov 8, 2017
According to RFC 4252 section 5.4, the banner is sent between the
ssh-connection request and responding to user authentication.

Original support for server sending banner by joshua stein <jcs@jcs.org>

Fixes golang/go#19567

Change-Id: I729b3c8e5fd2c0068609d1590b61e92f40d87ea4
gopherbot pushed a commit to golang/crypto that referenced this issue Nov 13, 2017
According to RFC 4252 section 5.4, the banner is sent between the
ssh-connection request and responding to user authentication.

Original support for server sending banner by joshua stein <jcs@jcs.org>

Fixes golang/go#19567

Change-Id: I729b3c8e5fd2c0068609d1590b61e92f40d87ea4
Reviewed-on: https://go-review.googlesource.com/71790
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
@golang golang locked and limited conversation to collaborators Nov 1, 2018
bored-engineer pushed a commit to bored-engineer/ssh that referenced this issue Oct 13, 2019
According to RFC 4252 section 5.4, the banner is sent between the
ssh-connection request and responding to user authentication.

Original support for server sending banner by joshua stein <jcs@jcs.org>

Fixes golang/go#19567

Change-Id: I68944a7f4711c0623759f6a59023e8e45a8781aa
Reviewed-on: https://go-review.googlesource.com/65271
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
bored-engineer pushed a commit to bored-engineer/ssh that referenced this issue Oct 13, 2019
According to RFC 4252 section 5.4, the banner is sent between the
ssh-connection request and responding to user authentication.

Original support for server sending banner by joshua stein <jcs@jcs.org>

Fixes golang/go#19567

Change-Id: I729b3c8e5fd2c0068609d1590b61e92f40d87ea4
Reviewed-on: https://go-review.googlesource.com/71790
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
bored-engineer pushed a commit to bored-engineer/ssh that referenced this issue Oct 13, 2019
According to RFC 4252 section 5.4, the banner is sent between the
ssh-connection request and responding to user authentication.

Original support for server sending banner by joshua stein <jcs@jcs.org>

Fixes golang/go#19567

Change-Id: I68944a7f4711c0623759f6a59023e8e45a8781aa
Reviewed-on: https://go-review.googlesource.com/65271
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
bored-engineer pushed a commit to bored-engineer/ssh that referenced this issue Oct 13, 2019
According to RFC 4252 section 5.4, the banner is sent between the
ssh-connection request and responding to user authentication.

Original support for server sending banner by joshua stein <jcs@jcs.org>

Fixes golang/go#19567

Change-Id: I729b3c8e5fd2c0068609d1590b61e92f40d87ea4
Reviewed-on: https://go-review.googlesource.com/71790
Run-TryBot: Han-Wen Nienhuys <hanwen@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.