[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: key exchange fails in ssh_connect using libssh 0.10.4
[Thread Prev] | [Thread Next]
- Subject: Re: key exchange fails in ssh_connect using libssh 0.10.4
- From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Tue, 10 Jan 2023 14:17:42 +0100
- To: libssh@xxxxxxxxxx
- Cc: Jijo Thomas <jijo7thomas@xxxxxxxxx>
On Monday, 9 January 2023 21:08:08 CET Jijo Thomas wrote: > Thank you Norbert Pócs. > I could add the missing default algorithms in kex.c and proceed. Why not just add it with ssh_options_set()? ssh_options_set(session, SSH_OPTIONS_KEY_EXCHANGE, "+diffie-hellman-group- exchange-sha1,+diffie-hellman-group14-sha1"); > Regards, > Jijo > > On Mon, Jan 9, 2023 at 8:27 PM Norbert Pocs <npocs@xxxxxxxxxx> wrote: > > Hi Thomas, > > > > I see the server - > > > > no match for method kex algos: server > > [diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1]> > > has only sha1 kex methods enabled, which are disabled by default in > > version 0.10 of libssh. Try to enable > > the needed kex methods in the configuration file or try to avoid using > > sha1 if possible. > > > > Hope this helps! > > > > Regards > > Norbert Pócs > > > > On Mon, Jan 9, 2023 at 3:03 PM Jijo Thomas <jijo7thomas@xxxxxxxxx> wrote: > >> Hey folks, > >> > >> I'm trying to use a ssh_connect using a recently compiled libssh 0.10.4 > >> (using openssl 1.1.1k) > >> But we ran into a key exchange error. Following is the log. > >> > >> [2023/01/09 16:37:44.874356, 2] ssh_connect: libssh 0.10.4 (c) 2003-2022 > >> Aris Adamantiadis, Andreas Schneider and libssh contributors. > >> Distributed under the LGPL, please refer to COPYING file for information > >> about your rights, using threading threads_winlock [2023/01/09 > >> 16:37:44.881334, 3] getai: host x.x.x.x matches an IP address > >> [2023/01/09 16:37:44.885324, 2] ssh_socket_connect: Nonblocking > >> connection socket: 512 [2023/01/09 16:37:44.887321, 2] ssh_connect: > >> Socket connecting, now waiting for the callbacks to work [2023/01/09 > >> 16:37:44.887903, 3] ssh_connect: Actual timeout : 10000 [2023/01/09 > >> 16:37:45.139544, 3] ssh_socket_pollcallback: Received POLLOUT in > >> connecting state [2023/01/09 16:37:45.140542, 1] > >> socket_callback_connected: Socket connection callback: 1 (0) > >> [2023/01/09 16:37:45.140542, 3] ssh_socket_unbuffered_write: Enabling > >> POLLOUT for socket [2023/01/09 16:37:45.376008, 3] > >> callback_receive_banner: Received banner: SSH-2.0-Cisco-1.25 > >> [2023/01/09 16:37:45.377005, 2] ssh_client_connection_callback: SSH > >> server banner: SSH-2.0-Cisco-1.25 [2023/01/09 16:37:45.377005, 2] > >> ssh_analyze_banner: Analyzing banner: SSH-2.0-Cisco-1.25 [2023/01/09 > >> 16:37:45.390968, 3] ssh_client_select_hostkeys: Order of wanted host > >> keys: > >> "ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 > >> ,rsa-sha2-512,rsa-sha2-256" [2023/01/09 16:37:45.391964, 1] > >> ssh_known_hosts_read_entries: Failed to open the known_hosts file > >> 'C:\Users\xxxxx/.ssh/known_hosts': No such file or directory [2023/01/09 > >> 16:37:45.391964, 1] ssh_known_hosts_read_entries: Failed to open the > >> known_hosts file '/etc/ssh/ssh_known_hosts': No such file or directory > >> [2023/01/09 16:37:45.391964, 3] ssh_client_select_hostkeys: No key > >> found in known_hosts; changing host key method to > >> "ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 > >> ,rsa-sha2-512,rsa-sha2-256" [2023/01/09 16:37:45.391964, 3] > >> ssh_socket_unbuffered_write: Enabling POLLOUT for socket [2023/01/09 > >> 16:37:45.391964, 3] packet_send2: packet: wrote [type=20, len=852, > >> padding_size=7, comp=844, payload=844] [2023/01/09 16:37:45.392965, 3] > >> ssh_send_kex: SSH_MSG_KEXINIT sent [2023/01/09 16:37:45.626340, 3] > >> ssh_packet_socket_callback: packet: read type 20 > >> [len=308,padding=4,comp=303,payload=303] [2023/01/09 16:37:45.627339, 3] > >> ssh_packet_process: Dispatching handler for packet type 20 [2023/01/09 > >> 16:37:45.627339, 1] ssh_kex_select_methods: kex error : no match for > >> method kex algos: server > >> [diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1], client > >> [curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh- > >> sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hel > >> lman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-g > >> roup14-sha256] [2023/01/09 16:37:45.627339, 3] ssh_connect: current > >> state : 9 > >> > >> > >> It is still working fine using libssh 0.9.4 dll > >> > >> It could be something I missed while compiling the new library. I had > >> created the solution using cmake, and compiled the ssh.dll using Visual > >> Studio 2017. Any leads to solve the problem is appreciated. > >> > >> > >> Regards, > >> > >> Jijo -- Andreas Schneider asn@xxxxxxxxxxxxxx GPG-ID: 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
| Re: key exchange fails in ssh_connect using libssh 0.10.4 | Norbert Pocs <npocs@xxxxxxxxxx> |
| key exchange fails in ssh_connect using libssh 0.10.4 | Jijo Thomas <jijo7thomas@xxxxxxxxx> |
| Re: key exchange fails in ssh_connect using libssh 0.10.4 | Norbert Pocs <npocs@xxxxxxxxxx> |
| Re: key exchange fails in ssh_connect using libssh 0.10.4 | Jijo Thomas <jijo7thomas@xxxxxxxxx> |