Closed belleudya closed 2 years ago
Your first log reports it's using diffie-hellman-group1-sha1
, which doesn't happen in the 2nd log since that outdated algorithm isn't enabled by default. Looking at when and where (in the code) the error happens for your 1st log (which gets past the initial key exchange algorithm part), it seems like ssh-dss
is the culprit. I suggest trying out different algorithms and/or upgrading your OpenSSH version (3.7 is quite old).
Unless something is wrong with diffie-hellman-group1-sha1
itself (again, very old OpenSSH version, haven't checked any changelogs or bug reports but maybe there's a flaw in that version), you don't need to make use of the DF-GE
, since it will use all the default kex
algorithms without the diffie-hellman-group-exchange
ones, overriding the one you specified.
same issue here. Here is my setup
Description: CentOS release 5.6 (Final)
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
SSHFS v1.24.1 working
SSHFS v1.25.0 not work
In default terminal, I have to add these line into my ssh config to make it work.
KexAlgorithms +diffie-hellman-group1-sha1
Maybe we should add some kind of configuration around KexAlgorithms
@hoangtocdo90 This issue would be easier to solve with debug logs, so please follow these steps:
DEBUG_SSH2
to the sshfs.flags
array in VS Code's User Settings (settings.json)
e.g. "sshfs.flags": ["DEBUG_SSH2"]
Output > SSH FS
and copy the log from there after replicating your bugDEBUG_SSH2
activates some internal logging, which is less likely to be censored)_As to replicate the KeyAlgorithms
directive, you can check this link. The SSH FS configs are stored (as JSON) in your User Settings (or similar) under the sshfs.configs
key. You can add the above-linked algorithms.kex
to configure which algorithms to use, for example:
"sshfs.configs": [
{
"name": "my-server" // also host, username, ...
"algorithms": {
"kex": ["diffie-hellman-group1-sha1"]
}
}
]
@SchoofsKelvin
"kex": ["diffie-hellman-group1-sha1"]
It's work. Thanks a lot.
Hi
I try to connect to a distant server. I had to configure kex, cipher and serverHostkey because distant host only accept "diffie-hellman-group1-sha1" key exchange algorithm and I can't change it. I tried with the "sshfs.flags": ["DF-GE"] option but it seems it doesn't take the key exchange in account an I have another error : "Handshake failed: no matching key exchange algorithm"
Is there to fix that?
Thanks
log without "sshfs.flags": ["DF-GE"] (with the option above)
log with "sshfs.flags": ["DF-GE"]