Description
"OpenSSH for Windows" version
0.0.21.0
Server OperatingSystem
Tested on both Windows Server 2012 R2 and Server 2016 and they both have this issue
Client OperatingSystem
Tested on both macOS 10.13 and Centos 7
macOS SSH Client version: OpenSSH_7.5p1, LibreSSL 2.5.4
Centos SSH Client version: OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013
What is failing
When sending data through stdin to a powershell script, only some of the data is sent through. To replicate this, run the following;
printf 'HelloWorld%.0s' {1..31242} > payload
cat payload | ssh Administrator@HOSTNAME 'PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand CgBiAGUAZwBpAG4AIAB7AAoAIAAgACAAIAAkAHMAdAByAGkAbgBnACAAPQAgACIAIgAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACAAIAAgACAAJABzAHQAcgBpAG4AZwAgACsAPQAgAFsAcwB0AHIAaQBuAGcAXQAkAGkAbgBwAHUAdAAKAH0ACgBlAG4AZAAgAHsACgAgACAAIAAgAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAJABzAHQAcgBpAG4AZwAuAEwAZQBuAGcAdABoAAoAfQAKAA==' 2>/dev/nullThe base64 string is a utf-16-le encoded command of the below
begin {
$string = ""
}
process {
$string += [string]$input
}
end {
Write-Output $string.Length
}
It seems like the input sent over stdin is being cut off after a block as the length's being sent are always divisible by 1024 but I can't get it to always be the same length.
This only happens sporadically and sometimes the command actually runs and get's the full input length. If you run this example more than 10 times it should occur at least once but probably multiple times.
Expected output
312420
Actual output
The amount changes randomly, sometimes it is the above but it has been 225280, 237568, 245760, 253952, 299008, 307200. On ocassions it is the expected output but this does not happen all the time.
There is also a CLIXML message on the stderr that is unrelated to this, for brevity I've sent that stream to /dev/null but here is what it always is
#< CLIXML
<Objs Version="1.1.0.1" xmlns="http://schemas.microsoft.com/powershell/2004/04"><Obj S="progress" RefId="0"><TN RefId="0"><T>System.Management.Automation.PSCustomObject</T><T>System.Object</T></TN><MS><I64 N="SourceId">1</I64><PR N="Record"><AV>Preparing modules for first use.</AV><AI>0</AI><Nil /><PI>-1</PI><PC>-1</PC><T>Completed</T><SR>-1</SR><SD> </SD></PR></MS></Obj></Objs>
Other Info
When running this test over SSH over a normal POSIX compliant host, SSH always outputs the correct length and it never changes which is what I expect. As some background the reason I am doing this is that I do not want to place the script as a file on the disk but want to run it in a pipeline. The scripts being sent through are variable in length and I cannot just pass it as part of -EncodedCommand when calling Powershell as there is a limit to the number of characters allowed in CreateProcess.
When running with -v there is nothing that jumps out to me but here it is incase I am missing something
OpenSSH_7.5p1, LibreSSL 2.5.4
debug1: Reading configuration data /Users/jborean/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 52: Applying options for *
debug1: Connecting to 192.168.56.155 [192.168.56.155] port 22.
debug1: Connection established.
debug1: identity file /Users/jborean/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jborean/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jborean/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jborean/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jborean/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jborean/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jborean/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jborean/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.5
debug1: match: OpenSSH_7.5 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 192.168.56.155:22 as '[email protected]'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:EmCr9DIL41vER0kWTU5jXapuGJHd/3h7AHILVjCtgPw
debug1: Host '192.168.56.155' is known and matches the ECDSA host key.
debug1: Found key in /Users/jborean/.ssh/known_hosts:6
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/jborean/.ssh/id_rsa
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.56.155 ([192.168.56.155]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_AU.UTF-8
debug1: Sending command: PowerShell -NoProfile -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand CgBiAGUAZwBpAG4AIAB7AAoAIAAgACAAIAAkAHMAdAByAGkAbgBnACAAPQAgACIAIgAKAH0ACgBwAHIAbwBjAGUAcwBzACAAewAKACAAIAAgACAAJABzAHQAcgBpAG4AZwAgACsAPQAgAFsAcwB0AHIAaQBuAGcAXQAkAGkAbgBwAHUAdAAKAH0ACgBlAG4AZAAgAHsACgAgACAAIAAgAFcAcgBpAHQAZQAtAE8AdQB0AHAAdQB0ACAAJABzAHQAcgBpAG4AZwAuAEwAZQBuAGcAdABoAAoAfQAKAA==
#< CLIXML
237568
<Objs Version="1.1.0.1" xmlns="http://schemas.microsoft.com/powershell/2004/04"><Obj S="progress" RefId="0"><TN RefId="0"><T>System.Management.Automation.PSCustomObject</T><T>System.Object</T></TN><MS><I64 N="SourceId">1</I64><PR N="Record"><AV>Preparing modules for first use.</AV><AI>0</AI><Nil /><PI>-1</PI><PC>-1</PC><T>Completed</T><SR>-1</SR><SD> </SD></PR></MS></Obj></Objs>debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
Transferred: sent 316068, received 3448 bytes, in 0.3 seconds
Bytes per second: sent 977785.3, received 10666.7
debug1: Exit status 0
There is nothing in the Windows event logs and SSH Server logs that might indicate what is going wrong here.