Bug#612607: Connecting to older ssh version has cipher negotiation problem
Package: openssh-client
Version: 1:5.8p1-2
The problem is the dreaded "Read from socket failed".
The solution is to manually add the cipher to the command line.
Broken:
$ ssh -v stephen@hostname
OpenSSH_5.8p1 Debian-2, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to hostname [ip address] port 22.
debug1: Connection established.
debug1: identity fil /home/foo/.ssh/id_rsa type -1
debug1: identity file /home/foo/.ssh/id_rsa-cert type -1
debug1: identity file /home/foo/.ssh/id_dsa type -1
debug1: identity file /home/foo/.ssh/id_dsa-cert type -1
debug1: identity file /home/foo/.ssh/id_ecdsa type -1
debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_4.3p2-hpn
debug1: match: OpenSSH_4.3p2-hpn pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer
Fixed:
$ ssh -caes128-ctr stephen@hostname
Reply to: