x/crypto/ssh: handshake failed: ssh: no common algorithm for client to server cipher; client offered: [aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com arcfour256 arcfour128], server offered: [aes256-cbc 3des-cbc aes128-cbc]

[CameronGo]

Please answer these questions before submitting your issue. Thanks!

We onboarded a new client with a new SFTP endpoint and are seeing an error message we never encountered. What is the configuration I need to use to allow the CBC ciphers?

Error
ssh: handshake failed: ssh: no common algorithm for client to server cipher; client offered: [aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com arcfour256 arcfour128], server offered: [aes256-cbc 3des-cbc aes128-cbc]

What version of Go are you using (go version)?

1.8.1

What operating system and processor architecture are you using (go env)?

GOARCH="amd64"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"

from the current golang docker image

What did you do?

Attempting connection to SFTP host

What did you expect to see?

Successful authentication and connection

What did you see instead?

ssh: handshake failed: ssh: no common algorithm for client to server cipher; client offered: [aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com arcfour256 arcfour128], server offered: [aes256-cbc 3des-cbc aes128-cbc]

[bradfitz]

/cc @hanwen

[hanwen]

works as intended. 3DES is deprecated, and the CBC ciphers have weaknesses, so they're disabled by default.

[CameronGo]

@hanwen - can I allow the CBC cipher using the ssh.ClientConfig options, or does this require forking the package as discussed here? #13776

[hanwen]

just try it. it should work.

[CameronGo]

Ended up finding an example of how to use this from one of the unit tests:
https://gondolaweb.com/doc/src/golang.org/x/crypto/ssh/test/session_test.go

Specifically with how to go about appending a cipher to the existing defaults as in here:

func TestCiphers(t *testing.T) {
	var config ssh.Config
	config.SetDefaults()
	cipherOrder := config.Ciphers
	// These ciphers will not be tested when commented out in cipher.go it will
	// fallback to the next available as per line 292.
	cipherOrder = append(cipherOrder, "aes128-cbc", "3des-cbc")

	for _, ciph := range cipherOrder {
		server := newServer(t)
		defer server.Shutdown()
		conf := clientConfig()
		conf.Ciphers = []string{ciph}
		// Don't fail if sshd doesn't have the cipher.
		conf.Ciphers = append(conf.Ciphers, cipherOrder...)
		conn, err := server.TryDial(conf)
		if err == nil {
			conn.Close()
		} else {
			t.Fatalf("failed for cipher %q", ciph)
		}
	}
}

[Mebus]

hm. This doesn't work for me. Is this correct?

var sshconfig ssh.Config sshconfig.SetDefaults() cipherOrder := sshconfig.Ciphers cipherOrder = append(cipherOrder, "aes128-cbc", "3des-cbc")

// Authentication
config := &ssh.ClientConfig{
	Config: sshconfig,
	User:   "ciscouser",
	//Auth: []ssh.AuthMethod{SSHAgent()},
	//alternatively, you could use a password
	Auth:            []ssh.AuthMethod{ssh.Password("blablabla")},
	HostKeyCallback: ssh.InsecureIgnoreHostKey(),
}

I think I am going to have to use telnet instead of ssh...

Mebus

[hanwen]

you're not changing the slice inside sshconfig

[Mebus]

What do I have to change?

Mebus

[hanwen]

config.ciphers = append(config.ciphers, ...)

[Mebus]

It's in there, but the github is formatting it badly:

cipherOrder = append(cipherOrder, "aes128-cbc", "3des-cbc")

Like this?

Mebus

[hanwen]

you're not changing config.Ciphers, you're just changing cipherOrder

[Mebus]

aaaahh!!! My fault. Working now :-)

sshconfig.Ciphers = append(cipherOrder, "3des-cbc")

Thanks. :-)

Mebus