Can't connect to OpenSSH server: Error: libssh failure at 'connect': Received SSH_MSG_DISCONNECT: 3:invalid DH value #17

Closed
MarkEdmondson1234 opened this issue Nov 8, 2018 · 11 comments


@MarkEdmondson1234

MarkEdmondson1234 commented Nov 8, 2018

I tried to connect to an OpenSSH server from MacOS:

library(ssh)

session <- ssh_connect("me@123.456.789.111", keyfile = "id_rsa_iih", verbose = 1)

ssh_pki_import_privkey_base64: Trying to decode privkey passphrase=false
socket_callback_connected: Socket connection callback: 1 (0)
ssh_client_connection_callback: SSH server banner: SSH-2.0-srtSSHServer_11.00
ssh_analyze_banner: Analyzing banner: SSH-2.0-srtSSHServer_11.00
ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT: 3:invalid DH value
Error: libssh failure at 'connect': Received SSH_MSG_DISCONNECT: 3:invalid DH value

When I tried from the console I got this error:

ssh -i id_rsa_iih me@123.456.789.111
Unable to negotiate with 123.456.789.111 port 22: no matching host key type found. Their offer: ssh-dss

This I could correct and get to the next issue via:

ssh -i id_rsa_iih -oHostKeyAlgorithms=+ssh-dss me@123.456.789.111
Unable to negotiate with 123.456.789.111 port 22: no matching cipher found. Their offer: 3des-ctr,aes256-cbc,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,cast128-cbc

Finally I could connect successfully via:

ssh -i id_rsa_iih -c aes256-cbc -oHostKeyAlgorithms=+ssh-dss me@123.456.789.111

But I would like to apply the same fix to the R code, although I'm not sure they are the same. As of now I would need to use a system() call that I would like to migrate away from to use this library.

@MarkEdmondson1234 MarkEdmondson1234 changed the title Can't connect to OPenSSH server: Error: libssh failure at 'connect': Received SSH_MSG_DISCONNECT: 3:invalid DH value Can't connect to OpenSSH server: Error: libssh failure at 'connect': Received SSH_MSG_DISCONNECT: 3:invalid DH value Nov 8, 2018
@jeroen
Member

jeroen commented Nov 8, 2018

What does that option do? Are you enabling insecure ciphers? I think you need to fix this on the server side...

@MarkEdmondson1234
Author

Ironically this is the first time I've seen this and it's for a bank :) OK, I can ask them to update, but is there any way for the R library ssh to add parameters to the SSH command to cover occasions where the server can't be fixed?

@jeroen
Member

jeroen commented Nov 9, 2018

@cryptomilk is there a way to enable legacy algorithms in libssh ?

@cryptomilk

DSS is still supported. Which version of libssh is that and more logging is needed ...

@jeroen
Member

jeroen commented Nov 9, 2018

This is likely 0.8.3 on MacOS. @MarkEdmondson1234 please include your ssh::libssh_version() and sessionInfo() and also try increasing your verbose parameter to get more info.

@MarkEdmondson1234
Author

Will do, it's a work laptop so will send it next week.

@MarkEdmondson1234
Author

There is another issue with active connections that I will wait to be resolved before creating the new logs, but the versioning info is below:

ssh::libssh_version()
[1] "0.8.3"
> library(ssh)
Warning message:
package ‘ssh’ was built under R version 3.4.4 
> sessionInfo()
R version 3.4.1 (2017-06-30)
Platform: x86_64-apple-darwin15.6.0 (64-bit)
Running under: macOS  10.14

Matrix products: default
BLAS: /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib
LAPACK: /Library/Frameworks/R.framework/Versions/3.4/Resources/lib/libRlapack.dylib

locale:
[1] en_US.UTF-8/en_US.UTF-8/en_US.UTF-8/C/en_US.UTF-8/en_US.UTF-8

attached base packages:
[1] stats     graphics  grDevices utils     datasets  methods   base     

other attached packages:
[1] ssh_0.3

loaded via a namespace (and not attached):
[1] compiler_3.4.1 tools_3.4.1    yaml_2.2.0

@MarkEdmondson1234
Author

Hello, I'm back now with more complete logs. I can get a little further connecting via bash SSH although still not a full connection.

session <- ssh_connect("me@123.456.789.101",
+                        keyfile = "id_rsa_me", verbose = 4)
ssh_connect: libssh 0.8.3 (c) 2003-2018 Aris Adamantiadis, Andreas Schneider and libssh contributors. Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_pthread
getai: host 123.456.789.101 matches an IP address
ssh_socket_connect: Nonblocking connection socket: 29
ssh_connect: Socket connecting, now waiting for the callbacks to work
ssh_connect: Actual timeout : 10000
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 0
ssh_socket_pollcallback: Received POLLOUT in connecting state
socket_callback_connected: Socket connection callback: 1 (0)
ssh_socket_unbuffered_write: Enabling POLLOUT for socket
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 0
ssh_socket_pollcallback: Poll callback on socket 29 (POLLIN ), out buffer 0
callback_receive_banner: Received banner: SSH-2.0-srtSSHServer_11.00
ssh_client_connection_callback: SSH server banner: SSH-2.0-srtSSHServer_11.00
ssh_analyze_banner: Analyzing banner: SSH-2.0-srtSSHServer_11.00
ssh_socket_pollcallback: Poll callback on socket 29 (POLLIN ), out buffer 0
ssh_packet_socket_callback: packet: read type 20 [len=628,padding=9,comp=618,payload=618]
ssh_packet_process: Dispatching handler for packet type 20
ssh_list_kex: kex algos: diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha512@ssh.com,diffie-hellman-group16-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
ssh_list_kex: server host key algo: ssh-rsa
ssh_list_kex: encryption client->server: aes256-cbc,3des-ctr,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,cast128-cbc
ssh_list_kex: encryption server->client: aes256-cbc,3des-ctr,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,cast128-cbc
ssh_list_kex: mac algo client->server: hmac-sha2-512,hmac-sha2-384,hmac-sha2-256,hmac-sha2-224,hmac-md5
ssh_list_kex: mac algo server->client: hmac-sha2-512,hmac-sha2-384,hmac-sha2-256,hmac-sha2-224,hmac-md5
ssh_list_kex: compression algo client->server: none
ssh_list_kex: compression algo server->client: none
ssh_list_kex: languages client->server: 
ssh_list_kex: languages server->client: 
ssh_client_select_hostkeys: No supported kex method for existing key in known_hosts file
ssh_kex_select_methods: Negotiated diffie-hellman-group16-sha512,ssh-rsa,aes256-cbc,aes256-cbc,hmac-sha2-256,hmac-sha2-256,none,none,,
ssh_list_kex: kex algos: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh_list_kex: server host key algo: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss
ssh_list_kex: encryption client->server: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
ssh_list_kex: encryption server->client: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
ssh_list_kex: mac algo client->server: hmac-sha2-256,hmac-sha2-512,hmac-sha1
ssh_list_kex: mac algo server->client: hmac-sha2-256,hmac-sha2-512,hmac-sha1
ssh_list_kex: compression algo client->server: none
ssh_list_kex: compression algo server->client: none
ssh_list_kex: languages client->server: 
ssh_list_kex: languages server->client: 
ssh_socket_unbuffered_write: Enabling POLLOUT for socket
packet_send2: packet: wrote [len=660,padding=10,comp=649,payload=649]
packet_send2: packet: wrote [len=524,padding=6,comp=517,payload=517]
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 528
ssh_socket_unbuffered_write: Enabling POLLOUT for socket
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 0
ssh_socket_pollcallback: sending control flow event
ssh_packet_socket_controlflow_callback: sending channel_write_wontblock callback
ssh_socket_pollcallback: Poll callback on socket 29 (POLLIN ), out buffer 0
ssh_packet_socket_callback: packet: read type 1 [len=36,padding=4,comp=31,payload=31]
ssh_packet_process: Dispatching handler for packet type 1
ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT 3:invalid DH value
ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT: 3:invalid DH value
ssh_connect: current state : 9
Error: libssh failure at 'connect': Received SSH_MSG_DISCONNECT: 3:invalid DH value

This bash command gets a little further and fails for perhaps a different issue, but I include in case it is the same problem. Changed a few credentials to protect the guilty.

> IIHs-MacBook-Air:example$ scp -oHostKeyAlgorithms=+ssh-dss -i id_rsa_iih -c aes256-cbc -v -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o ChallengeResponseAuthentication=no ME@ftp.example.dk:Dynamic_tracking.csv test.csv

Executing: program /usr/bin/ssh host ftp.example.dk, user ME, command scp -v -f Dynamic_tracking.csv
OpenSSH_7.8p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/ME/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to ftp.example.dk port 22.
debug1: Connection established.
debug1: identity file id_rsa_iih type -1
debug1: identity file id_rsa_iih-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.8
debug1: Remote protocol version 2.0, remote software version srtSSHServer_11.00
debug1: no match: srtSSHServer_11.00
debug1: Authenticating to ftp.example.dk:22 as 'ME'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes256-cbc MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes256-cbc MAC: hmac-sha2-256 compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:xxxxxx
debug1: Host 'ftp.example.dk' is known and matches the RSA host key.
debug1: Found key in /Users/ME/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: id_rsa_iih
debug1: Authentication succeeded (publickey).
Authenticated to ftp.myexample.dk ([123.456.789.101]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_CTYPE = en_US.UTF-8
debug1: Sending command: scp -v -f my_file.csv
exec request failed on channel 0
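
Added example, not part of the original thread or of libssh: it parses the `ssh_list_kex` lines from the verbose log above and applies the first-client-match rule of RFC 4253 section 7.1 to the two offers. It assumes the first dump is the server's and the second the client's; `parse_offers`, `negotiate` and `legacy` are hypothetical helper names. The result reproduces the log's `Negotiated` line, so algorithm selection itself completed before the disconnect.

```python
import re

# Constructed sample: ssh_list_kex lines copied from the verbose = 4 log above.
# Assumption: the first dump (right after "read type 20") is the server's
# KEXINIT and the second is the libssh client's own offer.
LOG = """\
ssh_list_kex: kex algos: diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha512@ssh.com,diffie-hellman-group16-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
ssh_list_kex: server host key algo: ssh-rsa
ssh_list_kex: encryption client->server: aes256-cbc,3des-ctr,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,cast128-cbc
ssh_list_kex: mac algo client->server: hmac-sha2-512,hmac-sha2-384,hmac-sha2-256,hmac-sha2-224,hmac-md5
ssh_list_kex: kex algos: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh_list_kex: server host key algo: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss
ssh_list_kex: encryption client->server: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
ssh_list_kex: mac algo client->server: hmac-sha2-256,hmac-sha2-512,hmac-sha1
"""

LINE = re.compile(r"^ssh_list_kex: (.+?): (.*)$")

def parse_offers(log):
    """Return (server, client) dicts mapping category -> ordered algorithm list."""
    dumps = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        if m.group(1) == "kex algos":      # every KEXINIT dump starts with this category
            dumps.append({})
        if dumps:
            dumps[-1][m.group(1)] = [a for a in m.group(2).split(",") if a]
    if len(dumps) != 2:
        raise ValueError("expected two ssh_list_kex dumps, found %d" % len(dumps))
    return dumps[0], dumps[1]

def negotiate(server, client):
    """Simplified RFC 4253 7.1: first name on the client's list the server also offers."""
    return {cat: next((a for a in offer if a in server.get(cat, [])), None)
            for cat, offer in client.items()}

def legacy(chosen):
    """Categories whose pick is ssh-dss or a CBC cipher (refused by default by the thread's OpenSSH 7.8)."""
    return sorted(c for c, a in chosen.items() if a and (a == "ssh-dss" or a.endswith("-cbc")))

if __name__ == "__main__":
    picks = negotiate(*parse_offers(LOG))
    for cat, algo in picks.items():
        print(f"{cat:28} {algo or 'NO MATCH'}")
    print("legacy picks:", legacy(picks))
```

A `None` entry in the result marks a category with no common algorithm, which is the case the `Unable to negotiate` messages from the OpenSSH client report.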

@cryptomilk

That invalid DH value error is strange. What is the error on the server, could you turn on logging there and check? Also could you update to libssh version 0.8.6?

@MarkEdmondson1234
Author

I haven't access to the server but I found a solution by its administrator that said Linux can't connect to Windows via scp, so I switched to sftp and it worked. I thought SFTP used ssh underneath it and I do have to set the same options to get through authentication.

I guess then I was just trying to put a square peg in a round hole? Wrong tool for the job? If that's the case I will close the issue, thanks for your time :)

@jeroen
Member

jeroen commented Feb 18, 2019

Both scp and sftp use ssh but they are different protocols. This sounds like some problem with the Windows OpenSSH server. Closing for now unless somebody else runs into this and can provide more detailed information.

@jeroen jeroen closed this as completed Feb 18, 2019