Cannot connect to a Debian 9.1 sshd server that only accepts diffie-hellman-group-exchange-sha256


protput

Cannot connect to a Debian 9.1 sshd server that only accepts diffie-hellman-group-exchange-sha256

WinSCP cannot connect to a Debian 9.1 sshd server that only accepts diffie-hellman-group-exchange-sha256 as the key-exchange algorithm.

WinSCP returns this error:
Server unexpectedly closed network connection.

sshd, however, logs this message:
fatal: No supported key exchange algorithms found [preauth]

sshd relevant config:
AuthenticationMethods publickey
Ciphers chacha20-poly1305@openssh.com
KexAlgorithms diffie-hellman-group-exchange-sha256

WinSCP is configured to prefer "Diffie-Hellman group exchange", all the other algorithms are set to warn.

Commenting out KexAlgorithms in sshd_config and restarting sshd causes WinSCP to return this message:
The first key-exchange algorithm supported by the server is diffie-hellman-group14-sha1, which is below the configured warning threshold.
Clicking Yes to the question whether I want to continue with the connection does work fine, but this then of course uses the weaker key exchange.


sshd version is: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u1 (Debian 9.1)
WinSCP version is: 5.11.1


Edit:
After some testing I found that connecting to a similarly configured sshd server running on Debian 8.9 does work perfectly fine using WinSCP.

I also did a little bit of digging into the OpenSSH source code, and I think it is OpenSSH that is erroneously causing this problem.

I found this commit: https://github.com/openssh/openssh-portable/commit/2985d4062ebf4204bbd373456a810d558698f9f5
Make WinSCP patterns for SSH_OLD_DHGEX more specific to
exclude WinSCP 5.10.x and up. bz#2748, from martin at winscp.net, ok djm@

I suspect this is the problem here and that the OpenSSH version in Debian 9.1 doesn't have this change included, which in turn causes this issue of forcing a weak key-exchange on me.

Maybe you can also get the Debian package maintainers to pull this commit in and release an update as well?

How about also implementing a setting to override the WinSCP version string to circumvent any future problems like this, where operating systems are lagging behind on upstream patches like these for OpenSSH. This would at least let advanced users solve the issue quickly. I have temporarily downgraded WinSCP to 5.9.6 again.

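To show how the compatibility entry in the post above produces exactly the two symptoms reported (an empty server key-exchange list with KexAlgorithms restricted, and a fallback to diffie-hellman-group14-sha1 without it), here is an added Python model of sshd's version-string matching and KEX negotiation. It is example code written for this page, not code from WinSCP, OpenSSH or the thread; the pattern lists are a simplified reconstruction of the compat.c entries (the real lists are longer), and the WinSCP software string format and preference order are assumptions.

```python
import fnmatch

# Constructed, simplified reconstruction of the OpenSSH compat.c entries
# for WinSCP (the real lists are longer). Before the fix, the wildcard
# "WinSCP_release_5.1*" also matched 5.10.x and 5.11.x; the fix split it
# into an exact "5.1" plus "5.1.*" so newer releases no longer match.
OLD_DHGEX_PATTERNS_BEFORE_FIX = ["WinSCP_release_5.1*"]
OLD_DHGEX_PATTERNS_AFTER_FIX = ["WinSCP_release_5.1", "WinSCP_release_5.1.*"]

# Assumed WinSCP preference order for this thread: group exchange first,
# then the fixed group the client is configured to warn about.
WINSCP_KEX_PREF = [
    "diffie-hellman-group-exchange-sha256",
    "diffie-hellman-group-exchange-sha1",
    "diffie-hellman-group14-sha1",
]

def old_dhgex(client_software, patterns):
    """compat_datafellows(): does the peer's software string match a pattern?"""
    return any(fnmatch.fnmatchcase(client_software, p) for p in patterns)

def server_kex_proposal(configured, old_dhgex_flag):
    """compat_kex_proposal(): with SSH_OLD_DHGEX set, sshd drops the
    group-exchange methods from its own KexAlgorithms before sending KEXINIT."""
    if not old_dhgex_flag:
        return list(configured)
    return [k for k in configured
            if not k.startswith("diffie-hellman-group-exchange-")]

def negotiate_kex(client_pref, server_list):
    """RFC 4253 section 7.1: first client-preferred method the server also lists."""
    for alg in client_pref:
        if alg in server_list:
            return alg
    return None  # sshd logs: No supported key exchange algorithms found

def outcome(client_software, configured_kex, patterns):
    """Negotiated KEX for one client software string against one sshd config."""
    flag = old_dhgex(client_software, patterns)
    return negotiate_kex(WINSCP_KEX_PREF, server_kex_proposal(configured_kex, flag))

if __name__ == "__main__":
    # The thread's sshd config: KexAlgorithms diffie-hellman-group-exchange-sha256
    cfg = ["diffie-hellman-group-exchange-sha256"]
    for client in ("WinSCP_release_5.11.1", "WinSCP_release_5.9.6"):
        print(client,
              "unpatched sshd:", outcome(client, cfg, OLD_DHGEX_PATTERNS_BEFORE_FIX),
              "patched sshd:", outcome(client, cfg, OLD_DHGEX_PATTERNS_AFTER_FIX))
```

The 5.9.6 case negotiates the sha256 group exchange under both pattern sets, which matches the downgrade working in the post.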


martin
Site Admin
Location: Prague, Czechia

Re: Cannot connect to a Debian 9.1 sshd server that only accepts diffie-hellman-group-exchange-sha256

Thanks for all the details. I'll try to contact Debian maintainers.
