[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
ssh_options_set not working?
[Thread Prev] | [Thread Next]
- Subject: ssh_options_set not working?
- From: "Kerrison, Adam" <Adam_Kerrison@xxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Fri, 26 May 2023 15:17:38 +0000
- To: "libssh@xxxxxxxxxx" <libssh@xxxxxxxxxx>
Hello
I am trying to enable all supported key exchange methods, ciphers and HMACs to handle connecting to some truly ancient servers. The setup code is:
ssh_session session = ssh_new();
fprintf(stderr, "SETTING KEYEX %s\n", ALL_KEYEX_METHODS);
if(ssh_options_set(session, SSH_OPTIONS_KEY_EXCHANGE, ALL_KEYEX_METHODS) < 0) {
fprintf(stderr, "FAILED TO SET KEYEX\n");
}
fprintf(stderr, "SETTING CIPHERS %s\n", ALL_CIPHERS);
if(ssh_options_set(session, SSH_OPTIONS_CIPHERS_C_S, ALL_CIPHERS) < 0) {
fprintf(stderr, "FAILED TO SET CIPHERS\n");
}
fprintf(stderr, "SETTING HMACS %s\n", ALL_HMACS);
if(ssh_options_set(session, SSH_OPTIONS_HMAC_C_S, ALL_HMACS) < 0) {
fprintf(stderr, "FAILED TO SET HMACS\n");
}
Where the ALL_* values are constants defining all the supports things (see below)
When I run the code my connection fails. The output is:
SETTING KEYEX curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
SETTING CIPHERS chacha20-poly1305,aes256-gcm@xxxxxxxxxxx,aes128-gcm@xxxxxxxxxxx,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
SETTING HMACS hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,hmac-sha2-512,hmac-sha2-256,hmac-sha1
ERROR: failed to connect: kex error : no match for method kex algos: server [diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1], client [curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512] (code 2)
So the ssh_options_set() calls aren't failing but the values don't seem to have been applied as the client keyex list doesn't include the diffie-helman SHA1 methods that I set?
What am I doing wrong here?
Adam
| Re: ssh_options_set not working? | Norbert Pocs <npocs@xxxxxxxxxx> |
| Re: ssh_options_set not working? | Jakub Jelen <jjelen@xxxxxxxxxx> |