[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#612607: marked as done (Connecting to older ssh version has cipher negotiation problem)

Your message dated Tue, 4 Oct 2022 17:17:57 -0700
with message-id <b7a2354e-750a-cac0-89a4-357d1f83b5e5@lackof.org>
and subject line RE: Connecting to older ssh version has cipher negotiation problem
has caused the Debian Bug report #612607,
regarding Connecting to older ssh version has cipher negotiation problem
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
612607: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612607
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: openssh-client
Version: 1:5.8p1-2

The problem is the dreaded "Read from socket failed".
The solution is to manually add the cipher to the command line.

Broken:
$ ssh -v stephen@hostname
OpenSSH_5.8p1 Debian-2, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to hostname [ip address] port 22.
debug1: Connection established.
debug1: identity fil  /home/foo/.ssh/id_rsa type -1
debug1: identity file /home/foo/.ssh/id_rsa-cert type -1
debug1: identity file /home/foo/.ssh/id_dsa type -1
debug1: identity file /home/foo/.ssh/id_dsa-cert type -1
debug1: identity file /home/foo/.ssh/id_ecdsa type -1
debug1: identity file /home/foo/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_4.3p2-hpn
debug1: match: OpenSSH_4.3p2-hpn pat OpenSSH_4*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Read from socket failed: Connection reset by peer

Fixed:
$ ssh -caes128-ctr stephen@hostname

--- End Message ---
--- Begin Message --- This bug report is 11 years old now and for a very old version of openssh. Also the original reporter appears to be connecting to a remote server with version string "OpenSSH_4.3p2-hpn" which appears to be some HP-UX version. Other reports don't provide enough info to be sure they are related and the linked Ubuntu bug is totally crazy with unrelated stuff.
Closing this, if you are reading this because some internet search for a problem you are having brought you here, feel free to file a new bug if A) you are using Debian, B) you have tested with a current version, and C) you provide plenty of details. :) 

--
Matt Taggart
matt@lackof.org

--- End Message ---
Reply to: