search

mentochan / ganymed-ssh-2

Automatically exported from code.google.com/p/ganymed-ssh-2
Other
0 stars 0 forks source link

Failure to connect without hmac-sha1 #42

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Recent versions of OpenSSH server have removed hmac-sha1 from the default MACs.

Recent versions of PuTTY, ConnectBot, and the OpenSSH client can connect to 
such a server. Ghost Commander (which uses ganymed-ssh-2) can't connect to a 
server without hmac-sha1, and its author said that this problem happens with 
Basic.java too:

https://sourceforge.net/p/ghostcommander/bugs/33/

Should be reproducible with an OpenSSH 6.6 running with defaults, or 6.0 (what 
Debian ships) with the following line in sshd_config:

MACs hmac-sha2-256,hmac-sha2-512

Original issue reported on code.google.com by anth...@cathet.us on 28 Apr 2014 at 6:32

GoogleCodeExporter commented 9 years ago 
Better exception handling if negotiation fails with algorithm mismatch in r149.

Original comment by dkocher@sudo.ch on 28 Apr 2014 at 9:19

GoogleCodeExporter commented 9 years ago 
hmac-sha1 is required according to RFC 4253.

Original comment by dkocher@sudo.ch on 28 Apr 2014 at 9:26

GoogleCodeExporter commented 9 years ago 
In r152.

Original comment by dkocher@sudo.ch on 28 Apr 2014 at 11:02

GoogleCodeExporter commented 9 years ago 
There is an issue when working with hmac-sha2-512 
Exception: ""Key exchange was not finished, connection is closed."

When trying to connect with OpenSSH_6.6.1 to the same server, everything works 
perfect.

Original comment by shaysolo...@gmail.com on 22 Jan 2015 at 7:53