Hi,
I have compiled Netopeer2 using QNX 652 ppc cross compilation and ran the netopeer2 , it works fine .
I am facing an issue while doing ssh to netopeer server . Following is the command I used
ssh guest@10.220.84.57 -p 830 -s netconf
on enabling verbose mode on both client and server following are the logs obtained:
NETOPEER2 SERVER SIDE:
[INF]: Accepted a connection on 0.0.0.0:830.
[2019/12/02 18:55:10.005959, 2] ssh_pki_import_privkey_base64: Trying to decode privkey passphrase=false
[2019/12/02 18:55:10.011959, 2] ssh_server_connection_callback: SSH client banner: SSH-2.0-SSHJ_0.21.2_dev.0.uncommitted+9d4f8fc
[2019/12/02 18:55:10.011959, 2] ssh_analyze_banner: Analyzing banner: SSH-2.0-SSHJ_0.21.2_dev.0.uncommitted+9d4f8fc
[2019/12/02 18:55:10.019959, 2] ssh_kex_select_methods: Negotiated curve25519-sha256@libssh.org,ssh-rsa,aes128-ctr,aes128-ctr,hmac-sha1,hmac-sha1,none,none,,
[2019/12/02 18:55:10.636959, 2] ssh_packet_server_curve25519_init: SSH_MSG_KEX_ECDH_REPLY sent
[2019/12/02 18:55:10.637959, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[2019/12/02 18:55:10.637959, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[2019/12/02 18:55:10.637959, 2] ssh_packet_server_curve25519_init: SSH_MSG_NEWKEYS sent
[2019/12/02 18:55:11.940959, 2] ssh_packet_newkeys: Received SSH_MSG_NEWKEYS
[INF]: Received an SSH message "request-service" of subtype "ssh-userauth".
[INF]: Received an SSH message "request-auth" of subtype "password".
[INF]: User "guest" authenticated.
[INF]: Received an SSH message "request-channel-open" of subtype "session".
[INF]: Received an SSH message "request-channel" of subtype "subsystem".
[2019/12/02 18:55:16.525958, 2] grow_window: growing window (channel 43:0) to 1280000 bytes
[INF]: Generated new event (netconf-session-start).
[INF]: Resolving unresolved data nodes and their constraints...
[INF]: All data nodes and constraints resolved.
[INF]: Resolving unresolved data nodes and their constraints...
[INF]: All data nodes and constraints resolved.
[INF]: Session 7: thread 3 event new RPC.
[INF]: Session 7: thread 3 event new RPC.
[INF]: Session 7: thread 3 event session terminated.
[INF]: Generated new event (netconf-session-end).
[INF]: Accepted a connection on 0.0.0.0:830.
[2019/12/02 19:07:57.251882, 2] ssh_pki_import_privkey_base64: Trying to decode privkey passphrase=false
[2019/12/02 19:07:57.256882, 2] ssh_server_connection_callback: SSH client banner: SSH-2.0-OpenSSH_5.3
[2019/12/02 19:07:57.256882, 2] ssh_analyze_banner: Analyzing banner: SSH-2.0-OpenSSH_5.3
[2019/12/02 19:07:57.256882, 2] ssh_analyze_banner: We are talking to an OpenSSH client version: 5.3 (50300)
[2019/12/02 19:07:57.259882, 2] ssh_kex_select_methods: Negotiated diffie-hellman-group-exchange-sha256,ssh-rsa,aes128-ctr,aes128-ctr,hmac-sha1,hmac-sha1,none,none,,
[2019/12/02 19:07:57.449882, 2] ssh_packet_server_dhgex_request: dh-gex: DHGEX_REQUEST[1024:2048:8192]
[2019/12/02 19:07:57.463882, 2] ssh_retrieve_dhgroup_file: Selected 4096 bits modulus out of 28 candidates in 30 lines
[2019/12/02 19:08:18.675880, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[2019/12/02 19:08:18.675880, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[ERR]: SSH key exchange timeout.
CLIENT SIDE:
$ssh -v guest@10.220.84.57 -p 830 -s netconf
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.220.84.57 [10.220.84.57] port 830.
debug1: Connection established.
debug1: identity file /home/vburman/.ssh/identity type -1
debug1: identity file /home/vburman/.ssh/identity-cert type -1
debug1: identity file /home/vburman/.ssh/id_rsa type -1
debug1: identity file /home/vburman/.ssh/id_rsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_dsa type -1
debug1: identity file /home/vburman/.ssh/id_dsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version libssh_0.9.0
debug1: no match: libssh_0.9.0
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[10.220.84.57]:830' is known and matches the RSA host key.
debug1: Found key in /home/vburman/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
Connection closed by 10.220.84.57
While searching through google I found that either MTU size or algorithms needs to be changed.
I tried using the algorithm change and it worked.
Following is the command I used:
ssh -o KexAlgorithms=diffie-hellman-group14-sha1 guest@10.220.84.57 -p 830 -s netconf
While debugging more I tried using ssh -vvv , following is the details of client and server I got :
$ssh -vvv guest@10.220.84.57 -p 830 -s netconf
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 10.220.84.57 [10.220.84.57] port 830.
debug1: Connection established.
debug1: identity file /home/vburman/.ssh/identity type -1
debug1: identity file /home/vburman/.ssh/identity-cert type -1
debug1: identity file /home/vburman/.ssh/id_rsa type -1
debug1: identity file /home/vburman/.ssh/id_rsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_dsa type -1
debug1: identity file /home/vburman/.ssh/id_dsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version libssh_0.9.0
debug1: no match: libssh_0.9.0
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 4 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: kex_parse_kexinit: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
debug2: kex_parse_kexinit: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
debug2: kex_parse_kexinit: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 192/320
debug2: bits set: 2012/4096
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 528 bytes for a total of 1533
debug3: put_host_port: [10.220.84.57]:830
debug3: put_host_port: [10.220.84.57]:830
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '[10.220.84.57]:830' is known and matches the RSA host key.
debug1: Found key in /home/vburman/.ssh/known_hosts:1
debug2: bits set: 2046/4096
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1549
Also when I tried putting each one of the algorithm listed in client's side (i.e diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1) , 2 of them failed.
for "diffie-hellman-group-exchange-sha1" server logs said:
SSH key exchange error (kex error : no match for method kex algos: server [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1], client [diffie-hellman-group-exchange-sha1]).
for "diffie-hellman-group-exchange-sha256" server behaves the same as what direct ssh to the server will do , as mentioned at the start.
Other 2 Algo worked fine
ISSUE:
How can I make direct ssh (ssh guest@10.220.84.57 -p 830 -s netconf) to work?
Thanks & Regards,
Vishal
Hi,
I have compiled Netopeer2 using QNX 652 ppc cross compilation and ran the netopeer2 , it works fine .
I am facing an issue while doing ssh to netopeer server . Following is the command I used
ssh guest@10.220.84.57 -p 830 -s netconf
on enabling verbose mode on both client and server following are the logs obtained:
NETOPEER2 SERVER SIDE:
[INF]: Accepted a connection on 0.0.0.0:830.
[2019/12/02 18:55:10.005959, 2] ssh_pki_import_privkey_base64: Trying to decode privkey passphrase=false
[2019/12/02 18:55:10.011959, 2] ssh_server_connection_callback: SSH client banner: SSH-2.0-SSHJ_0.21.2_dev.0.uncommitted+9d4f8fc
[2019/12/02 18:55:10.011959, 2] ssh_analyze_banner: Analyzing banner: SSH-2.0-SSHJ_0.21.2_dev.0.uncommitted+9d4f8fc
[2019/12/02 18:55:10.019959, 2] ssh_kex_select_methods: Negotiated curve25519-sha256@libssh.org,ssh-rsa,aes128-ctr,aes128-ctr,hmac-sha1,hmac-sha1,none,none,,
[2019/12/02 18:55:10.636959, 2] ssh_packet_server_curve25519_init: SSH_MSG_KEX_ECDH_REPLY sent
[2019/12/02 18:55:10.637959, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[2019/12/02 18:55:10.637959, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[2019/12/02 18:55:10.637959, 2] ssh_packet_server_curve25519_init: SSH_MSG_NEWKEYS sent
[2019/12/02 18:55:11.940959, 2] ssh_packet_newkeys: Received SSH_MSG_NEWKEYS
[INF]: Received an SSH message "request-service" of subtype "ssh-userauth".
[INF]: Received an SSH message "request-auth" of subtype "password".
[INF]: User "guest" authenticated.
[INF]: Received an SSH message "request-channel-open" of subtype "session".
[INF]: Received an SSH message "request-channel" of subtype "subsystem".
[2019/12/02 18:55:16.525958, 2] grow_window: growing window (channel 43:0) to 1280000 bytes
[INF]: Generated new event (netconf-session-start).
[INF]: Resolving unresolved data nodes and their constraints...
[INF]: All data nodes and constraints resolved.
[INF]: Resolving unresolved data nodes and their constraints...
[INF]: All data nodes and constraints resolved.
[INF]: Session 7: thread 3 event new RPC.
[INF]: Session 7: thread 3 event new RPC.
[INF]: Session 7: thread 3 event session terminated.
[INF]: Generated new event (netconf-session-end).
[INF]: Accepted a connection on 0.0.0.0:830.
[2019/12/02 19:07:57.251882, 2] ssh_pki_import_privkey_base64: Trying to decode privkey passphrase=false
[2019/12/02 19:07:57.256882, 2] ssh_server_connection_callback: SSH client banner: SSH-2.0-OpenSSH_5.3
[2019/12/02 19:07:57.256882, 2] ssh_analyze_banner: Analyzing banner: SSH-2.0-OpenSSH_5.3
[2019/12/02 19:07:57.256882, 2] ssh_analyze_banner: We are talking to an OpenSSH client version: 5.3 (50300)
[2019/12/02 19:07:57.259882, 2] ssh_kex_select_methods: Negotiated diffie-hellman-group-exchange-sha256,ssh-rsa,aes128-ctr,aes128-ctr,hmac-sha1,hmac-sha1,none,none,,
[2019/12/02 19:07:57.449882, 2] ssh_packet_server_dhgex_request: dh-gex: DHGEX_REQUEST[1024:2048:8192]
[2019/12/02 19:07:57.463882, 2] ssh_retrieve_dhgroup_file: Selected 4096 bits modulus out of 28 candidates in 30 lines
[2019/12/02 19:08:18.675880, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[2019/12/02 19:08:18.675880, 2] ssh_init_rekey_state: Set rekey after 4294967296 blocks
[ERR]: SSH key exchange timeout.
CLIENT SIDE:
$ssh -v guest@10.220.84.57 -p 830 -s netconf
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.220.84.57 [10.220.84.57] port 830.
debug1: Connection established.
debug1: identity file /home/vburman/.ssh/identity type -1
debug1: identity file /home/vburman/.ssh/identity-cert type -1
debug1: identity file /home/vburman/.ssh/id_rsa type -1
debug1: identity file /home/vburman/.ssh/id_rsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_dsa type -1
debug1: identity file /home/vburman/.ssh/id_dsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version libssh_0.9.0
debug1: no match: libssh_0.9.0
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '[10.220.84.57]:830' is known and matches the RSA host key.
debug1: Found key in /home/vburman/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
Connection closed by 10.220.84.57
While searching through google I found that either MTU size or algorithms needs to be changed.
I tried using the algorithm change and it worked.
Following is the command I used:
ssh -o KexAlgorithms=diffie-hellman-group14-sha1 guest@10.220.84.57 -p 830 -s netconf
While debugging more I tried using ssh -vvv , following is the details of client and server I got :
$ssh -vvv guest@10.220.84.57 -p 830 -s netconf
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 10.220.84.57 [10.220.84.57] port 830.
debug1: Connection established.
debug1: identity file /home/vburman/.ssh/identity type -1
debug1: identity file /home/vburman/.ssh/identity-cert type -1
debug1: identity file /home/vburman/.ssh/id_rsa type -1
debug1: identity file /home/vburman/.ssh/id_rsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_dsa type -1
debug1: identity file /home/vburman/.ssh/id_dsa-cert type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa type -1
debug1: identity file /home/vburman/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version libssh_0.9.0
debug1: no match: libssh_0.9.0
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 4 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 960 bytes for a total of 981
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: kex_parse_kexinit: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
debug2: kex_parse_kexinit: aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
debug2: kex_parse_kexinit: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 1005
debug2: dh_gen_key: priv key bits set: 192/320
debug2: bits set: 2012/4096
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 528 bytes for a total of 1533
debug3: put_host_port: [10.220.84.57]:830
debug3: put_host_port: [10.220.84.57]:830
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: host [10.220.84.57]:830 filename /home/vburman/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '[10.220.84.57]:830' is known and matches the RSA host key.
debug1: Found key in /home/vburman/.ssh/known_hosts:1
debug2: bits set: 2046/4096
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1549
Also when I tried putting each one of the algorithm listed in client's side (i.e diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1) , 2 of them failed.
for "diffie-hellman-group-exchange-sha1" server logs said:
SSH key exchange error (kex error : no match for method kex algos: server [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1], client [diffie-hellman-group-exchange-sha1]).
for "diffie-hellman-group-exchange-sha256" server behaves the same as what direct ssh to the server will do , as mentioned at the start.
Other 2 Algo worked fine
ISSUE:
How can I make direct ssh (ssh guest@10.220.84.57 -p 830 -s netconf) to work?
Thanks & Regards,
Vishal