C++ Builder 5 - SSHClient Demo - Protocol Mismatch

Discussion of open issues, suggestions and bugs regarding network security and data protection solution - SecureBridge
Post Reply
benkedon
Posts: 28
Joined: Tue 15 May 2007 12:27

C++ Builder 5 - SSHClient Demo - Protocol Mismatch

Post by benkedon » Mon 04 Jun 2007 21:55

Added Button1, to "send" data, and the following to routines :
void __fastcall TDemoForm::Button1Click(TObject *Sender)
{
int wrt_count;
strcpy(WriteBuf,(Edit1->Text.Trim() + "\n").c_str());
wrt_count = (Edit1->Text.Trim() + "\n").Length();
wrt_count = ScSSHChannel->WriteBuffer(WriteBuf, (Edit1->Text.Trim() + "\n").Length());
}
//---------------------------------------------------------------------------

void __fastcall TDemoForm::ScSSHChannelAsyncReceive(TObject *Sender)
{
int rec_count;
rec_count = ScSSHChannel->ReadBuffer(ReadBuf, ScSSHChannel->InCount);
}
Set Direct to true, and NonBlocking to true.
set "SSH Server" entry box to 'mou034.mto.na.mars'
set "SSH Port" to default 22
Set "User name" / "Password" appropriately.
Set "Source Port" to 22
Set "Dest Host" to 'mou034.mto.na.mars'
set "Dest Port" to 22.

I can click "Connect SSH" and "Start Port forwarding", and get response from the server (in ReadBuf) of "SSH-2.0-OpenSSH_3.9p1".
But, when I try to send, via WriteBuffer, a 'pwd' command to the server, I get a "Protocol Mismatch" back in the ReadBuf.

Any ideas ?
"

Dimon
Devart Team
Posts: 2910
Joined: Mon 05 Mar 2007 16:32

Post by Dimon » Tue 05 Jun 2007 09:32

The WriteBuffer method allows transmitting data to indicated DestHost and DestPort. In your case you transmit data to the OpenSSH server, that are considered as a protocol part, but not as a command for executing. The SSH server itself does not execute commands, but only receives data and transmits it further (to DestHost and DestPort).

For commands execution you can use the TScSSHServer component. You should add handlers for the BeforeChannelConnect and OnDataFromClient events. On OnDataFromClient event you can process data and execute received commands.

Also if you use the OpenSSH server, you can connect to standard Telnet server, for that you need indicate its DestHost and DestPort. This Telnet server will execute commands.

benkedon
Posts: 28
Joined: Tue 15 May 2007 12:27

Post by benkedon » Tue 05 Jun 2007 11:33

Sorry, I'm confused. I can connect to OpenSSH servers on many Unix/Linux boxes with OTHER SSHClient programs on Windows, Unix, Linux, etc. and can begin to send commands and receive responses from the server program(s). Perhaps, this is because I do NOT use "port forwarding", but a direct connection to the SSH server on the server box I want to execute commands on. My other SSH clients open up a SSH, i.e. Secure Shell, process to the target/server box and OpenSSH server process....from that point on I can execute commands, etc., on the target. How do I accomplish this ?

Dimon
Devart Team
Posts: 2910
Joined: Mon 05 Mar 2007 16:32

Post by Dimon » Wed 06 Jun 2007 14:22

We will consider possibility to support commands execution by using SSH client.

benkedon
Posts: 28
Joined: Tue 15 May 2007 12:27

Post by benkedon » Wed 06 Jun 2007 16:56

I think that's why another thread I was reading in this forum was asking about SFTP. SSH and SFTP (which runs over or within SSH's secure protocol) are often paired up together -- for instance, "SecureBlackbox", by Eldos, has a VCL SFTP client/server component (which I also own...) which includes both SFTP and SSH functionality, with client and server components. I've been using your VCL ODAC components for longer than I can remember, and really like them, which is why I went to try your "SecureBridge" components right away when I saw them.

To me, Secure SHELL (client and server) capabilities = 'ssh' and 'sshd' executables on Unix / Linux, and these are secure counterparts to NON-secure 'rsh' and 'rshd' -- which our security folks will no longer let us use on the corporate WAN.

As much as I like your stuff, I don't even understand what I would use your current "SecureBridge" components for, if not for what I was talking about above. I don't understand "port forwarding" at this point, or why one would want/need to use it....

Antaeus
Posts: 2098
Joined: Tue 14 Feb 2006 10:14

Post by Antaeus » Fri 08 Jun 2007 15:33

Now we position SecureBridge as a product for ensuring secure connections to database servers (port forwarding is very useful in this case). We are planning to extend functionality of SecureBridge in the future.

benkedon
Posts: 28
Joined: Tue 15 May 2007 12:27

Post by benkedon » Fri 08 Jun 2007 15:43

Thanks, I'll be waiting !

Post Reply