[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ssh_options_set not working?
[Thread Prev] | [Thread Next]
- Subject: Re: ssh_options_set not working?
- From: Norbert Pocs <npocs@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Mon, 29 May 2023 09:21:08 +0200
- To: libssh@xxxxxxxxxx
Hi Adam,
At the first glance it seems like the WITH_GEX option is missing.
Try adding -DWITH_GEX=ON to your cmake and recompile. If it is not working,
please provide additional information as libssh version, what kind of system
are you running.
HTH
Regards
Norbert Pócs
On Fri, May 26, 2023 at 5:26 PM Kerrison, Adam <Adam_Kerrison@xxxxxxx>
wrote:
> Hello
>
>
>
> I am trying to enable all supported key exchange methods, ciphers and
> HMACs to handle connecting to some truly ancient servers. The setup code is:
>
>
>
> ssh_session session = ssh_new();
>
>
>
> fprintf(stderr, "SETTING KEYEX %s\n", ALL_KEYEX_METHODS);
>
> if(ssh_options_set(session, SSH_OPTIONS_KEY_EXCHANGE, ALL_KEYEX_METHODS)
> < 0) {
>
> fprintf(stderr, "FAILED TO SET KEYEX\n");
>
> }
>
> fprintf(stderr, "SETTING CIPHERS %s\n", ALL_CIPHERS);
>
> if(ssh_options_set(session, SSH_OPTIONS_CIPHERS_C_S, ALL_CIPHERS) < 0)
> {
>
> fprintf(stderr, "FAILED TO SET CIPHERS\n");
>
> }
>
> fprintf(stderr, "SETTING HMACS %s\n", ALL_HMACS);
>
> if(ssh_options_set(session, SSH_OPTIONS_HMAC_C_S, ALL_HMACS) < 0) {
>
> fprintf(stderr, "FAILED TO SET HMACS\n");
>
> }
>
>
>
> Where the ALL_* values are constants defining all the supports things (see
> below)
>
>
>
> When I run the code my connection fails. The output is:
>
>
>
> SETTING KEYEX
> curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
>
> SETTING CIPHERS chacha20-poly1305,aes256-gcm@xxxxxxxxxxx,
> aes128-gcm@xxxxxxxxxxx
> ,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
>
> SETTING HMACS hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,
> hmac-sha1-etm@xxxxxxxxxxx,hmac-sha2-512,hmac-sha2-256,hmac-sha1
>
>
>
> ERROR: failed to connect: kex error : no match for method kex algos:
> server [diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1],
> client [curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512]
> (code 2)
>
>
>
> So the ssh_options_set() calls aren’t failing but the values don’t seem to
> have been applied as the client keyex list doesn’t include the
> diffie-helman SHA1 methods that I set?
>
>
>
> What am I doing wrong here?
>
>
>
> Adam
>
>
>
| ssh_options_set not working? | "Kerrison, Adam" <Adam_Kerrison@xxxxxxx> |