ConnectBot crashes when connecting to SSH servers
See original GitHub issueBug description
ConnectBot crashes when trying to connect to any of several SSH severs. This happens using password or public-key (tested with RSA) authentication.
Steps to reproduce
- Open ConnectBot
- Touch a host to start an SSH connection
- Crash
Expected behavior
Should see a remote shell prompt instead of crash.
Android device
- OS: Android 7.0
- ConnectBot Version: 1.9.7 (beta from Play Store)
Server information
(one of them:)
- OS: Ubuntu Server 20.04 LTS
- SSH Software and Version: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020
- Pubkeys used (if applicable): Ed25519
Additional context
Everything worked fine before the last ConnectBot update; although I’m not sure which version was installed, it was up-to date with whichever version was available before on the Play Store (beta enabled).
Here’s the server log and stacktrace (from ADB) for the same connection:
Jul 11 23:13:05 ubuntu sshd[3520]: message repeated 8 times: [ debug1: server_input_global_request: rtype keepalive@openssh.com want_reply 1]
Jul 11 23:13:06 ubuntu sshd[3419]: debug1: Forked child 3530.
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: Set /proc/self/oom_score_adj to 0
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: inetd sockets after dupping: 4, 4
Jul 11 23:13:06 ubuntu sshd[3530]: Connection from 10.0.1.11 port 42893 on 10.0.0.123 port 22 rdomain ""
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: Remote protocol version 2.0, remote software version TrileadSSH2Java_213
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: no match: TrileadSSH2Java_213
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: permanently_set_uid: 111/65534 [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: SSH2_MSG_KEXINIT received [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: kex: algorithm: curve25519-sha256 [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: kex: host key algorithm: ssh-ed25519 [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: kex: client->server cipher: aes256-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: kex: server->client cipher: aes256-ctr MAC: hmac-sha2-256-etm@openssh.com compression: none [preauth]
Jul 11 23:13:06 ubuntu sshd[3530]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
07-12 00:13:06.185 15275 15321 E AndroidRuntime: FATAL EXCEPTION: Thread-4
07-12 00:13:06.185 15275 15321 E AndroidRuntime: Process: org.connectbot, PID: 15275
07-12 00:13:06.185 15275 15321 E AndroidRuntime: java.lang.IllegalStateException: Arithmetic error in curve multiplication with the public key: 0900000000000000000000000000000000000000000000000000000000000000
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at com.google.crypto.tink.subtle.Curve25519.curveMult(Curve25519.java:332)
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at com.google.crypto.tink.subtle.X25519.computeSharedSecret(X25519.java:103)
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at com.google.crypto.tink.subtle.X25519.publicFromPrivate(X25519.java:121)
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at com.trilead.ssh2.crypto.dh.Curve25519Exchange.init(Curve25519Exchange.java:43)
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at com.trilead.ssh2.transport.KexManager.handleMessage(KexManager.java:574)
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at com.trilead.ssh2.transport.TransportManager.receiveLoop(TransportManager.java:614)
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at com.trilead.ssh2.transport.TransportManager$1.run(TransportManager.java:310)
07-12 00:13:06.185 15275 15321 E AndroidRuntime: at java.lang.Thread.run(Thread.java:761)
Regarding the “public key” seen on the stacktrace (0900000000000000000000000000000000000000000000000000000000000000
):
I’ve seen stacktraces with different, maybe random, values there before. But now every host I test crashes with that value there, everytime.
Issue Analytics
- State:
- Created 3 years ago
- Comments:23 (6 by maintainers)
Top Results From Across the Web
Issue 456 in connectbot: ConnectBot freezes after login in.
I expect to connect with my phone using SSH to my Netbook(running ubuntu 9.04) through my WiFi network. What do you see instead?...
Read more >Google Code Archive - Google Code
connectbot - issue #544 ... 1. connect to an ssh server 2. enter the password ... message: The application ConnectBot (org.connectbot) crashes unexpectedly....
Read more >How to Fix the SSH "Connection Refused" Error - Kinsta
In order to connect to your server with SSH, it must be running an SSH daemon – a program that runs in the...
Read more >Remote System Administration with Android
With ConnectBot, you can use SSH or Telnet to connect to a remote server (or to your own Android device) for command-line work....
Read more >Mosh for (irssi)ConnectBot
Q: How do I create a mosh connection instead of a ssh connection? ... settings) are uploaded to Google's servers as part of...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Thanks @kruton.
Just an update: I’ve bought an ASUS phone running MediaTek and will have it in a week. Will update once I’ve got more information.
I’ve managed to reproduce the crash with the debug variant of ConnectBot using the
debugImplementation
of sshlib 2.2.14 and tink 1.4.0-rc2. I set a breakpoint on the line where the IllegalStateException is thrown to read the variables from memory for 3 separate instances of the crash. These include the variables for each scope leading to the private key. Here are the privateKey values and other variables:privateKey =
{119, 127, 11, -105, -122, -51, -112, 119, -27, 112, -79, 72, -59, 105, 100, 111, 119, -18, 81, -76, 104, -81, 55, 8, 42, -77, -1, 39, 64, 124, 83, -69}
; from variables_crash1.txtprivateKey =
{-73, 17, 51, 40, 0, 92, 31, 85, -16, 53, 86, 8, -64, 99, 63, -72, 38, -123, 37, -25, -54, -97, -126, 104, 11, -94, -56, -119, 14, -45, 62, -111}
; from variables_crash2.txtprivateKey =
{127, -83, -16, 85, -38, 15, 97, -44, -19, 80, 109, 68, 2, 100, 103, -71, -41, 87, 115, 10, -27, -58, -86, -39, -52, 31, -1, 32, -72, 46, 86, -115}
; from variables_crash3.txtPlease let me know if you need more info or if there is a better way to present these.