Closed axelsimon closed 5 years ago
Hi! You are right, at the moment mercury does not support advanced encryption/compression settings. I'll take a look! Thank you for pointing that out.
Just figured my sshd_conf had an issue.
hmac-sha2-512, hmac-sha2-256
should be hmac-sha2-512,hmac-sha2-256
.
I've corrected it, but the same error appears in the logs.
Thanks for your answer in any case Skarafaz :)
For a really secure and up-to-date sshd setup the following algorithms should be included:
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
And thank you for this useful app. :-)
Any news on this? Even just “not happening anytime soon”. Sorry to bump up a bug report, but this bug report was opened nearly 18 months ago :wink:
I'm sorry but I have to confirm the “not happening anytime soon”. Stay tuned!
Updating jsch to the last version fixed the original problem.
Hi,
I use a somewhat hardened sshd config, in which I have the following: Ciphers aes256-ctr MACs hmac-sha2-512, hmac-sha2-256 KexAlgorithms diffie-hellman-group-exchange-sha256
This apparently prevents MercurySSH from connecting, I find a "ERROR: algorithm negotiation fail" in the logs.
I haven't digged in the code, but I think we should encourage strong crypto for SSH (in general), so it might be a good idea to make sure strong ciphers etc. don't break Mercury.
Thanks for a cool app otherwise!
Cheers