Topic "WinSCP cannot negotiate a secure key exchange with OpenSSH 6.9 (Fixed in PuTTY 0.65)"

Author Message
marcan
[View user's profile]

Joined: 2015-07-09
Posts: 1
WinSCP supports the following key exchange mechanisms:
Code:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,rsa2048-sha256,rsa1024-sha1

While OpenSSH 6.9 supports these by default:
Code:
curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

Which means that the following are common:
Code:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1

However, WinSCP is still using the old SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message. Support for the old deprecated message was removed in OpenSSH 6.9:
Code:
compat.c Revision 1.90, Mon Apr 13 02:04:08 2015 UTC (2 months, 3 weeks ago) by djm
Branch: MAIN

deprecate ancient, pre-RFC4419 and undocumented
SSH2_MSG_KEX_DH_GEX_REQUEST_OLD message;
ok markus@ deraadt@ "seems reasonable" dtucker@

Which means that WinSCP cannot successfully negotiate diffie-hellman-group-exchange-* ciphers. For this reason, they were blacklisted for WinSCP clients in OpenSSH 6.9:
Code:
compat.c Revision 1.92, Tue May 5 10:17:49 2015 UTC (2 months ago) by dtucker
Branch: MAIN

WinSCP doesn't implement RFC4419 DH-GEX so flag it so we don't offer that
KEX method.  ok markus@

This leaves WinSCP with diffie-hellman-group14-sha1. SHA-1 is deprecated and insecure, and security-conscious SSH server administrators disable SHA-1 key exchange mechanisms. WinSCP can no longer negotiate any key exchange mechanism with OpenSSH 6.9 that is considered secure.

PuTTY 0.65 supports the newer message type. Additionally, PuTTY snapshots support newer protocols like curve25519 kex and the chacha20 cipher, which are a really good idea. WinSCP should update to at least 0.65, and the WinSCP team should notify the OpenSSH developers of the minimum version number that will support the new message type, so they can limit the blacklist to older versions.
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
Thanks for your message.

We will look into this.
mvs

Guest


+1 for this!
Can't connect from Far Manager Netbox plugin (based on latest WinSCP) to server with recent OpenSSH 6.9 but successfully connect to it from latest beta PuTTY.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
RFC 4419 added to the tracker:
http://winscp.net/tracker/show_bug.cgi?id=1345
Woitek
[View user's profile]

Joined: 2015-08-17
Posts: 5
Hello,

as far as I understand, the problem is fixed in Putty 0.65, and therefore only in non-leased-yet WinSCP 5.8. I guess the information in (http://winscp.net/tracker/show_bug.cgi?id=1345) is misleading, because it says that the problem has been fixed in WinSCP version 5.7.5.

When is the 5.8 version due to be released?

--
Wojtek
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
The tracker is correct. The RFC 4419 is implemented in 5.7.5.

See also version history
http://winscp.net/eng/docs/history#5.7.5
mvs

Guest


prikryl, latest WinSCP 5.7.5 (Build 5665) still get error "Couldn't agree a host key algorithm (available: ssh-ed25519)" when trying to connect to server with OpenSSH_6.9p1.
Woitek
[View user's profile]

Joined: 2015-08-17
Posts: 5
Hello again, prikryl,

whatever it is that has been corrected in 5.7.5, the error that was mentioned earlier (problem connecting to OpenSSH 6.9) still persists:



and as has been written somewhere, the problem is in PuTTY, and has been fixed in PuTTY version 0.65, so until WinSCP moves to PuTTY 0.65 code, it probably won't work. I've read, that WinSCP v5.8 will be based on PuTTY 0.65.

So, back to my question - when is WinSCP 5.8 going to be released? Or is this bug going to be fixed in an earlier version of WinSCP?

Best regards,

--
Wojtek
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
Please attach a full log file showing the problem (using the latest version of WinSCP).

To generate log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.
Omyl

Guest


I have the same problem.
Log file attached...
boxik.log (3.09 KB) [Download]

Description: logfile

martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
Omyl wrote:
I have the same problem.
Log file attached...


Your server offers only curve25519-sha256@libssh.org KEX to WinSCP.
It's probably because OpenSSH 6.9 (yours) and 7.0 won't offer DH KEX to WinSCP, as OpenSSH since 6.9 dropped support for pre-RFC4419 implementations.

OpenSSH 7.1 will offer DH KEX to WinSCP 5.7.5 and newer (which supports RFC4419). So please upgrade your OpenSSH to the latest version.
mvs

Guest


prikryl wrote:
OpenSSH 7.1 will offer DH KEX to WinSCP 5.7.5 and newer (which supports RFC4419). So please upgrade your OpenSSH to the latest version.

"OpenSSH_7.1p1, without OpenSSL" - the same error "Couldn't agree a key exchange algorithm (available: curve25519-sha256@libssh.org)"
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
mvs wrote:
"OpenSSH_7.1p1, without OpenSSL" - the same error "Couldn't agree a key exchange algorithm (available: curve25519-sha256@libssh.org)"

Did you use the latest version of WinSCP (5.7.5)?

Please attach a full log file showing the problem (using the latest version of WinSCP).

To generate log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Can I have a test account on the server?
Woitek
[View user's profile]

Joined: 2015-08-17
Posts: 5
prikryl wrote:
Please attach a full log file showing the problem (using the latest version of WinSCP).



Hello prikryl, sorry for the late reply. I attach the log file, both from WinSCP (as you instructed), and from the OpenSSH server (run in debug mode), both in one file, zipped.
winscp-woitek.zip (2.49 KB) [Download]

Description: (none)

martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
Woitek wrote:
Hello prikryl, sorry for the late reply. I attach the log file, both from WinSCP (as you instructed), and from the OpenSSH server (run in debug mode), both in one file, zipped.

See my answer to Omyl's post above:
https://winscp.net/forum/viewtopic.php?p=58774#58774
Woitek
[View user's profile]

Joined: 2015-08-17
Posts: 5
prikryl wrote:

See my answer to Omyl's post above:
https://winscp.net/forum/viewtopic.php?p=58774#58774


Oh, I get it - OpenSSH not only disabled the KEX, they also stopped advertising it to WinSCP based on the name/version of the client. So ineed, either one has to upgrade to OpenSSH 7.1, or probably only apply this patch:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/compat.c.diff?r1=1.96&r2=1.97

I'll try it in the evening.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 24512
Location: Prague, Czechia
Woitek wrote:
Oh, I get it - OpenSSH not only disabled the KEX, they also stopped advertising it to WinSCP based on the name/version of the client. So ineed, either one has to upgrade to OpenSSH 7.1, or probably only apply this patch:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/compat.c.diff?r1=1.96&r2=1.97

Correct, applying the patch helps too.
Woitek
[View user's profile]

Joined: 2015-08-17
Posts: 5
prikryl wrote:
Woitek wrote:
Oh, I get it - OpenSSH not only disabled the KEX, they also stopped advertising it to WinSCP based on the name/version of the client. So ineed, either one has to upgrade to OpenSSH 7.1, or probably only apply this patch:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/compat.c.diff?r1=1.96&r2=1.97

Correct, applying the patch helps too.

It works! Thank you, prikryl.

--
Wojtek
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License