
Bug#812368: openssh-server: sshd thinks PuTTY can't do diffie-hellman-group-exchange-sha256



Package: openssh-server
Version: 1:7.1p2-2
Severity: normal

Dear Maintainer,

I'm trying to connect to my system from a Windows client using PuTTY.
The particular version of PuTTY I'm using is TortoisePlink 0.63.0.9999
from the Xpra distribution.  It supports the key exchange 
diffie-hellman-group-exchange-sha256, which OpenSSH also supports.
However, it seems to be blocked by OpenSSH's compatibility mode.

The pertinent line from the log:

debug2: Compat: skipping algorithm "diffie-hellman-group-exchange-sha256" [preauth]

I'm attaching the complete log.  Note that I'm using sslh to forward ssh
traffic arriving on port 443 to localhost port 22.


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.0.0 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages openssh-server depends on:
ii  adduser                 3.113+nmu3
ii  cdebconf [debconf-2.0]  0.201
ii  debconf [debconf-2.0]   1.5.58
ii  dpkg                    1.18.4
ii  init-system-helpers     1.24
ii  libaudit1               1:2.4.5-1
ii  libc6                   2.21-6
ii  libcomerr2              1.42.13-1
ii  libgssapi-krb5-2        1.13.2+dfsg-4
ii  libkrb5-3               1.13.2+dfsg-4
ii  libpam-modules          1.1.8-3.2
ii  libpam-runtime          1.1.8-3.2
ii  libpam0g                1.1.8-3.2
ii  libselinux1             2.4-3
ii  libssl1.0.2             1.0.2e-1
ii  libsystemd0             228-4
ii  libwrap0                7.6.q-25
ii  lsb-base                9.20160110
ii  openssh-client          1:7.1p2-2
ii  openssh-sftp-server     1:7.1p2-2
ii  procps                  2:3.3.11-3
ii  zlib1g                  1:1.2.8.dfsg-2+b1

Versions of packages openssh-server recommends:
ii  ncurses-term  6.0+20151024-2
ii  xauth         1:1.0.9-1

Versions of packages openssh-server suggests:
ii  molly-guard                      0.6.2
ii  monkeysphere                     0.37-3
ii  rssh                             2.3.4-4+b1
ii  ssh-askpass                      1:1.2.4.1-9
ii  ssh-askpass-gnome [ssh-askpass]  1:7.1p2-1
ii  ufw                              0.34-2

-- debconf information:
  ssh/new_config: true
  ssh/vulnerable_host_keys:
  ssh/disable_cr_auth: false
* ssh/insecure_telnetd:
  ssh/insecure_rshd:
  ssh/encrypted_host_key_but_no_keygen:
* ssh/use_old_init_script: true
  openssh-server/permit-root-login: false

# /usr/sbin/sshd -dd
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 1235
debug2: parse_server_config: config /etc/ssh/sshd_config len 1235
debug1: sshd version OpenSSH_7.1, OpenSSL 1.0.2e 3 Dec 2015
debug1: private host key #0: ssh-rsa SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
debug1: private host key #1: ssh-ed25519 SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-dd'
debug1: Set /proc/self/oom_score_adj from 0 to -1000
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from 127.0.0.1 port 44436 on 127.0.0.1 port 22
debug1: Client protocol version 2.0; client software version PuTTY_Local:_Mar_19_2015_19:02:45
debug1: match: PuTTY_Local:_Mar_19_2015_19:02:45 pat PuTTY_Local:*,PuTTY-Release-0.5*,PuTTY_Release_0.5*,PuTTY_Release_0.60*,PuTTY_Release_0.61*,PuTTY_Release_0.62*,PuTTY_Release_0.63*,PuTTY_Release_0.64* compat 0x00004000
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1p2 Debian-2
debug2: fd 3 setting O_NONBLOCK
debug2: Network child is on pid 32034
debug1: permanently_set_uid: 101/65534 [preauth]
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 [preauth]
debug2: Compat: skipping algorithm "diffie-hellman-group-exchange-sha256" [preauth]
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256@libssh.org [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: kex_parse_kexinit: curve25519-sha256@libssh.org [preauth]
debug2: kex_parse_kexinit: ssh-rsa,ssh-ed25519 [preauth]
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr [preauth]
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr [preauth]
debug2: kex_parse_kexinit: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com [preauth]
debug2: kex_parse_kexinit: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit: none,zlib@openssh.com [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: first_kex_follows 0  [preauth]
debug2: reserved 0  [preauth]
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1 [preauth]
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss [preauth]
debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc,blowfish-ctr,blowfish-cbc,3des-ctr,3des-cbc,arcfour256,arcfour128 [preauth]
debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5 [preauth]
debug2: kex_parse_kexinit: hmac-sha2-256,hmac-sha1,hmac-sha1-96,hmac-md5 [preauth]
debug2: kex_parse_kexinit: none,zlib [preauth]
debug2: kex_parse_kexinit: none,zlib [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: kex_parse_kexinit:  [preauth]
debug2: first_kex_follows 0  [preauth]
debug2: reserved 0  [preauth]
debug1: kex: client->server aes256-ctr hmac-sha2-256 none [preauth]
debug1: kex: server->client aes256-ctr hmac-sha2-256 none [preauth]
Unable to negotiate with 127.0.0.1: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1 [preauth]
debug1: do_cleanup [preauth]
debug1: monitor_read_log: child log fd closed
debug1: do_cleanup
debug1: Killing privsep child 32034
debug1: audit_event: unhandled event 12
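
An added example, not part of the original report and not OpenSSH code: a short Python parser for `sshd -dd` output like the log above. It reports which key exchange algorithms the client offered but the server's compatibility filter removed. The function and field names are hypothetical, and the sample lines are copied from the log above.

```python
import re

# Lines copied from the sshd -dd log in this report.
SAMPLE_LOG = """\
debug1: match: PuTTY_Local:_Mar_19_2015_19:02:45 pat PuTTY_Local:*,PuTTY-Release-0.5*,PuTTY_Release_0.5*,PuTTY_Release_0.60*,PuTTY_Release_0.61*,PuTTY_Release_0.62*,PuTTY_Release_0.63*,PuTTY_Release_0.64* compat 0x00004000
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 [preauth]
debug2: Compat: skipping algorithm "diffie-hellman-group-exchange-sha256" [preauth]
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256@libssh.org [preauth]
Unable to negotiate with 127.0.0.1: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1 [preauth]
"""


def _algs(text):
    """Split a comma-separated algorithm list, dropping the [preauth] tag."""
    return [a for a in text.replace("[preauth]", "").strip().split(",") if a]


def diagnose(log):
    """Hypothetical helper: summarise compat filtering of the KEX proposal."""
    info = {"client": None, "compat": None, "original": [],
            "after_compat": [], "skipped": [], "client_offer": []}
    for line in log.splitlines():
        if m := re.search(r"match: (\S+) pat \S+ compat (0x[0-9a-fA-F]+)", line):
            info["client"], info["compat"] = m.group(1), m.group(2)
        elif m := re.search(r"original KEX proposal: (.*)", line):
            info["original"] = _algs(m.group(1))
        elif m := re.search(r"compat KEX proposal: (.*)", line):
            info["after_compat"] = _algs(m.group(1))
        elif m := re.search(r'Compat: skipping algorithm "([^"]+)"', line):
            info["skipped"].append(m.group(1))
        elif m := re.search(r"no matching key exchange method found\. "
                            r"Their offer: (.*)", line):
            info["client_offer"] = _algs(m.group(1))
    offer = set(info["client_offer"])
    # Algorithms both sides support, before and after the compat filter ran.
    info["usable_before_compat"] = [a for a in info["original"] if a in offer]
    info["usable_after_compat"] = [a for a in info["after_compat"] if a in offer]
    # Algorithms the client offered that the filter stripped from the server side.
    info["lost_to_compat"] = [a for a in info["skipped"] if a in offer]
    return info


if __name__ == "__main__":
    for key, value in diagnose(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

An empty `usable_after_compat` together with a non-empty `lost_to_compat` shows that the negotiation failed because of the compatibility filter rather than because the two sides had no algorithm in common.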
