Cannot connect to a Debian 9.1 sshd server that only accepts diffie-hellman-group-exchange-sha256
WinSCP cannot connect to a Debian 9.1 sshd server that only accepts diffie-hellman-group-exchange-sha256 as the key-exchange algorithm.
WinSCP returns this error:
Server unexpectedly closed network connection.
sshd however, logs this message:
fatal: No supported key exchange algorithms found [preauth]
sshd relevant config:
AuthenticationMethods publickey
Ciphers chacha20-poly1305@openssh.com
KexAlgorithms diffie-hellman-group-exchange-sha256
WinSCP is configured to prefer "Diffie-Hellman group exchange", all the other algorithms are set to warn.
Commenting out KexAlgorithms in sshd_config and restarting sshd causes WinSCP to return this message:
The first key-exchange algorithm supported by the server is diffie-hellman-group14-sha1, which is below the configured warning threshold.
Clicking Yes to the question whether I want to continue with the connection does work fine, but this then uses the weaker key-exchange of course.
sshd version is: SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u1 (Debian 9.1)
WinSCP version is: 5.11.1
Edit:
After some testing I found that connecting to a similarly configured sshd server running on Debian 8.9 does work perfectly fine using WinSCP.
I also did a little bit of digging into the OpenSSH source code, and I think it is OpenSSH that is erroneously causing this problem.
I found this commit: https://github.com/openssh/openssh-portable/commit/2985d4062ebf4204bbd373456a810d558698f9f5
Make WinSCP patterns for SSH_OLD_DHGEX more specific to
exclude WinSCP 5.10.x and up. bz#2748, from martin at winscp.net, ok djm@
I suspect this is the problem here and that the OpenSSH version in Debian 9.1 doesn't have this change included, which in turn causes this issue of forcing a weak key-exchange on me.
Maybe you can also get the Debian package maintainers to pull this commit in and release an update as well?
How about also implementing a setting to override the WinSCP version string to circumvent any future problems like this, where operating systems are lagging behind on upstream patches like these for OpenSSH. This would at least let advanced users solve the issue quickly. I have temporarily downgraded WinSCP to 5.9.6 again.
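The interaction the post describes, modelled as an added example (this is not code from the post, from OpenSSH or from WinSCP): sshd matches the client's version string against a pattern list, a hit sets the SSH_OLD_DHGEX compat flag, and that flag strips the diffie-hellman-group-exchange-* methods from sshd's own KEX proposal before negotiation. When KexAlgorithms has been narrowed to diffie-hellman-group-exchange-sha256 alone, the filtered proposal is empty and sshd aborts with the "No supported key exchange algorithms found" line seen in the log; with the built-in list, the client falls through to the first remaining method it also knows, which is the group14-sha1 warning. The pattern strings, the OpenSSH 7.4 default KEX list and the client preference list below are assumptions: the real patterns are in the linked commit, and `sshd -T | grep kexalgorithms` prints the list actually in effect on a server.

```python
"""Model of the SSH_OLD_DHGEX compat path (added example, not OpenSSH code)."""
from fnmatch import fnmatchcase

DHGEX_METHODS = (
    "diffie-hellman-group-exchange-sha256",
    "diffie-hellman-group-exchange-sha1",
)

# Illustrative pattern lists (assumption): a "5.1*" prefix pattern also
# matches 5.10.x and 5.11.x; the linked commit narrows it to "5.1" plus "5.1.*".
# Take the real lists from the commit; only the matching behaviour matters here.
PATTERNS_BEFORE_FIX = "WinSCP_release_5.1*"
PATTERNS_AFTER_FIX = "WinSCP_release_5.1,WinSCP_release_5.1.*"

# OpenSSH 7.4 built-in server KEX list as I recall it (assumption; verify with
# `sshd -T | grep kexalgorithms` on the host in question).
DEFAULT_SERVER_KEX = [
    "curve25519-sha256", "curve25519-sha256@libssh.org",
    "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521",
    "diffie-hellman-group-exchange-sha256",
    "diffie-hellman-group16-sha512", "diffie-hellman-group18-sha512",
    "diffie-hellman-group14-sha256", "diffie-hellman-group14-sha1",
]

# The post's sshd_config line: only group exchange with SHA-256.
RESTRICTED_SERVER_KEX = ["diffie-hellman-group-exchange-sha256"]

# Constructed client preference mirroring "prefer group exchange, warn on the
# rest"; WinSCP's real order is configurable and longer than this.
CLIENT_KEX = [
    "diffie-hellman-group-exchange-sha256",
    "diffie-hellman-group-exchange-sha1",
    "diffie-hellman-group14-sha1",
]

FATAL = "No supported key exchange algorithms found"


def client_is_old_dhgex(version, pattern_list):
    """True if any comma-separated pattern matches the client's version string.

    OpenSSH's match_pattern() knows '*' and '?' and anchors the whole string;
    fnmatchcase() behaves the same for these plain patterns (no negation here).
    """
    return any(fnmatchcase(version, pat) for pat in pattern_list.split(","))


def compat_kex_proposal(server_kex, old_dhgex):
    """Server proposal after compat filtering; raises where sshd calls fatal()."""
    proposal = [m for m in server_kex if not (old_dhgex and m in DHGEX_METHODS)]
    if not proposal:
        raise RuntimeError(FATAL)
    return proposal


def negotiate_kex(client_kex, server_kex):
    """RFC 4253 section 7.1: the first client method the server also lists."""
    return next((m for m in client_kex if m in server_kex), None)


def simulate(version, server_kex, pattern_list, client_kex=CLIENT_KEX):
    """Return the negotiated method, or the text sshd would log before closing."""
    flagged = client_is_old_dhgex(version, pattern_list)
    try:
        proposal = compat_kex_proposal(server_kex, flagged)
    except RuntimeError as exc:
        return f"fatal: {exc} [preauth]"
    return negotiate_kex(client_kex, proposal)


if __name__ == "__main__":
    client = "WinSCP_release_5.11.1"
    for label, patterns in (("before fix", PATTERNS_BEFORE_FIX),
                            ("after fix", PATTERNS_AFTER_FIX)):
        print(f"{label}, restricted KexAlgorithms:",
              simulate(client, RESTRICTED_SERVER_KEX, patterns))
        print(f"{label}, default KexAlgorithms:   ",
              simulate(client, DEFAULT_SERVER_KEX, patterns))
```

The model reproduces the three observations in the post: a flagged 5.11.1 client against the restricted server yields the fatal line, the same client against the default list lands on diffie-hellman-group14-sha1 (the warning WinSCP shows), and once the pattern no longer matches, group exchange with SHA-256 negotiates as intended. On a real host, `ssh -vv` on the client side prints both proposals and the chosen method, which is the quickest way to confirm which side dropped the algorithm.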