0

I'm having an issue with the latest version of the PuTTY tools, compiled from source. I have them working OK on some Red Hat servers but not others; I'm getting no output on all the tools. Example:

Working:

```
[root@server1 dir]# /usr/local/bin/puttygen -t rsa -b 2048 -C "tmp" -o /tmp/test
++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++
Enter passphrase to save key:
Re-enter passphrase to verify:
[root@server1 dir]#
[root@server1 dir]# /usr/local/bin/puttygen
Usage: puttygen ( keyfile | -t type [ -b bits ] )
                [ -C comment ] [ -P ] [ -q ]
                [ -o output-keyfile ] [ -O type | -l | -L | -p ]
Use "puttygen --help" for more detail.
[root@server1 dir]#
```

Not working:

```
[root@server2 dir]# /usr/local/bin/puttygen -t rsa -b 2048 -C "tmp" -o /tmp/test

^C
[root@server2 dir]#
[root@server2 dir]# /usr/local/bin/puttygen
Usage: puttygen ( keyfile | -t type [ -b bits ] )
                [ -C comment ] [ -P ] [ -q ]
                [ -o output-keyfile ] [ -O type | -l | -L | -p ]
Use "puttygen --help" for more detail.
[root@server2 dir]#
```

The command just sits there until I escape out; it does this for puttygen, plink, etc.

To add some more to this, I've installed haveged to increase the entropy, but plink doesn't return data. Example of running the command 'hostname' via plink:

Working server

```
[root@server working]# cat /proc/sys/kernel/random/entropy_avail
3181
[root@server working]# /usr/local/bin/plink -v -ssh -i /sftp/private_keys/backup username@hostname hostname
Connecting to xx.xx.xx.xx port 22
We claim version: SSH-2.0-PuTTY_Release_0.70
Server version: SSH-2.0-OpenSSH_6.6
We believe remote version has SSH-2 channel request bug
Using SSH protocol version 2
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Server also has ecdsa-sha2-nistp256/ssh-dss/ssh-rsa host keys, but we don't know any of them
Host key fingerprint is:
ssh-ed25519 256 8c:cb:64:77:c4:35:a9:80:99:51:c0:f8:73:24:1d:dc
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Reading key file "/sftp/private_keys/backup"
Using username "username".
Offered public key
Offer of public key accepted
Authenticating with public key "rsa-key-20171024"
Sent public key signature
Access granted
Opening session as main channel
Opened main channel
Started a shell/command
Server sent command exit status 0
this.is.my.hostname.com
           Disconnected: All channels closed
[root@server working]#
```

No returned data server

```
[root@server notworking]# cat /proc/sys/kernel/random/entropy_avail
2962
[root@server notworking]# /usr/local/bin/plink -v -ssh -i /sftp/private_keys/backup username@hostname hostname
Connecting to xx.xx.xx.xx port 22
We claim version: SSH-2.0-PuTTY_Release_0.70
Server version: SSH-2.0-OpenSSH_6.6
We believe remote version has SSH-2 channel request bug
Using SSH protocol version 2
Doing ECDH key exchange with curve Curve25519 and hash SHA-256
Server also has ecdsa-sha2-nistp256/ssh-dss/ssh-rsa host keys, but we don't know any of them
Host key fingerprint is:
ssh-ed25519 256 8c:cb:64:77:c4:35:a9:80:99:51:c0:f8:73:24:1d:dc
Initialised AES-256 SDCTR client->server encryption
Initialised HMAC-SHA1 client->server MAC algorithm
Initialised AES-256 SDCTR server->client encryption
Initialised HMAC-SHA1 server->client MAC algorithm
Reading key file "/sftp/private_keys/backup"
Using username "backup".
Offered public key
Offer of public key accepted
Authenticating with public key "rsa-key-20171025"
Sent public key signature
Access granted
Opening session as main channel
Opened main channel
Started a shell/command
Server sent command exit status 0
Disconnected: All channels closed
[root@server notworking]#
```
  • Do an strace on the command and see where it is hanging. What are the big differences between the two servers? If it was a dependency then it would not have compiled. – Tux_DEV_NULL Oct 24 '17 at 14:21

2 Answers

1

You should have a look at the available entropy on your system.

RSA key generation needs lots of entropy. I encountered some performance degradation on non-prepared VMs (about a factor of 100). If `cat /proc/sys/kernel/random/entropy_avail` shows something below 100, you could install haveged, for example.

blafasel
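
A small triage script for the check described in this answer, as an added example (not part of the original answer and not PuTTY code): it compares `entropy_avail` with the answer's threshold of 100 and also probes whether a read from the random device actually stalls. The function names, verdict strings, the 2-second timeout and the premise that the hanging tool is waiting on `/dev/random` are assumptions.

```shell
#!/bin/sh
# Added example: entropy triage for a key-generation command that hangs.
# LOW_WATER=100 is the threshold quoted in the answer; everything else
# (function names, verdicts, 2-second probe timeout) is an assumption.
LOW_WATER=100

# classify_entropy [FILE] -> prints "low", "ok" or "unreadable"
classify_entropy() {
    ce_file=${1:-/proc/sys/kernel/random/entropy_avail}
    ce_bits=$(cat "$ce_file" 2>/dev/null) || { echo unreadable; return 0; }
    case $ce_bits in
        ''|*[!0-9]*) echo unreadable; return 0 ;;   # not a plain integer
    esac
    if [ "$ce_bits" -lt "$LOW_WATER" ]; then echo low; else echo ok; fi
}

# probe_blocking [DEVICE] [SECONDS] -> prints "ok" if 32 bytes arrive in
# time, "blocked" if the read stalls until the timeout, "error" otherwise.
probe_blocking() {
    pb_rc=0
    timeout "${2:-2}" head -c 32 "${1:-/dev/random}" >/dev/null 2>&1 || pb_rc=$?
    case $pb_rc in
        0)       echo ok ;;
        124|143) echo blocked ;;  # 124: GNU timeout limit hit; 143: ended by SIGTERM
        *)       echo error ;;
    esac
}

# diagnose [ENTROPY_FILE] [DEVICE] [SECONDS] -> prints a one-word verdict
diagnose() {
    d_level=$(classify_entropy "${1:-}")
    d_stall=$(probe_blocking "${2:-}" "${3:-}")
    if [ "$d_stall" = blocked ]; then
        echo starved      # reads stall: the symptom of a hanging key generator
    elif [ "$d_level" = low ]; then
        echo at-risk      # pool below the threshold, reads may stall soon
    elif [ "$d_level" = ok ] && [ "$d_stall" = ok ]; then
        echo healthy      # entropy is not the cause; look elsewhere (strace)
    else
        echo unknown
    fi
}

# Run against the live system only when invoked with the argument "run".
case ${1:-} in run) diagnose ;; esac
```

A verdict of `healthy` on a host where the tool still misbehaves points away from entropy, which is when the strace suggested in the comments becomes the next step.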
0

Adding the `-t` flag to the plink command enables the return of data.

enable / disable pty allocation
  • This is somewhat unclear to me. Did adding `-t` solve your second problem _(no data returned using plink)_ or not? – blafasel Oct 25 '17 at 08:46
  • I think this was a red herring; it resolved the issue when talking to some servers but not others. I've removed the flag and I'm using the compression flag '-C'; I tried a few but this seems to give a consistent response from the server. – Darren Goulden Oct 26 '17 at 09:18