Bug #57062 | Error starting up SSH connection(-5): Unable to exchange encryption keys | |||
---|---|---|---|---|
Submitted: | 2006-06-05 18:57 UTC | Modified: | 2012-06-12 19:51 UTC | |
From: | fishgills at fishgills dot net | Assigned: | langemeijer (profile) | |
Status: | Closed | Package: | ssh2 (PECL) | |
PHP Version: | 4.4.1 | OS: | Redhat Enterprise 3 | |
Private report: | No | CVE-ID: | None |
[2006-06-05 18:57 UTC] fishgills at fishgills dot net
Description: ------------ I'm getting this error when using the SSH2 0.12 from its beta PECL channel It's a very simple test script. I have all the required packages installed. Reproduce code: --------------- <?php $connect = ssh2_connect('d50-1.s50', 22); if (!$connection) die('Connection failed'); ?> Expected result: ---------------- To get a connection to the specified host. Actual result: -------------- PHP Warning: ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in /tmp/test.php on line 2 PHP Warning: ssh2_connect(): Unable to connect to d50-1.s50 in /tmp/test.php on line 2
Patches
Add a Patch
Pull Requests
Add a Pull Request
History
AllCommentsChangesGit/SVN commitsRelated reports
[2006-06-20 22:43 UTC] spam at spam dot com
I'm getting the same error on CentOS (not sure which version sorry) ssh2 is at 0.10 and libssh2 is at 0.12
[2006-06-22 12:28 UTC] fishgills at fishgills dot net
I'm running libssh2 at verison 0.12 and ssh2 is at 0.10 as well. Anyone out there that can help?
[2006-06-22 15:30 UTC] pollita@php.net
This bug has been fixed in CVS. In case this was a documentation problem, the fix will show up at the end of next Sunday (CET) on pecl.php.net. In case this was a pecl.php.net website problem, the change will show up on the website in short time. Thank you for the report, and for helping us make PECL better. This looks like it was a bug (technically, a lacking feature) in the libssh2 library rather than the PECL extension which uses it. Please download and install libssh2-0.14 ( http://www.libssh2.org ) then rebuild PECL/ssh2 ( http://pecl.php.net/packages/ssh2 ).
[2006-07-28 04:43 UTC] pushlan at gmail dot com
I'm running libssh2 at verison 0.14 and ssh2 is at 0.10 as well. Fedora 5 php code: $connection = ssh2_connect('192.168.13.1', 22); if (!$connection) die('Connection failed'); result: PHP Warning: ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in /root/to-nas/ssh.php on line 3 PHP Warning: ssh2_connect(): Unable to connect to 192.168.13.1 in /root/to-nas/ssh.php on line 3 Connection failed
[2007-02-06 19:04 UTC] matrix dot morpheus at gmail dot com
Using 2.6.19-gentoo-r5 and im recieving the same error "Warning: ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in..." Has this been fixed ???? Im using libssh2-0.14 and ssh2-0.10
[2008-05-30 12:25 UTC] atomic_space_robot at yahoo dot com
Running libssh2-0.18 and ssh2-0.11 on SUSE 10.1 and getting the same as well: "PHP Warning: ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys in..." Strangely, it only happens when trying to connect to certain machines. On others, it works great. It would seem the issue is on the machines I'm trying to connect to but I can connect to them using OpenSSH from the command line.
[2008-06-06 15:35 UTC] ben at infotechsc dot com
I am experiencing the same exact problem. CentOS 4.5 (Final) with libssh2-0.18 and ssh2-0.10. The machine I'm trying to connect to uses this version of SSH: SSH-1.99-OpenSSH_2.3.0_Mikrotik_v2.9
[2009-03-07 16:37 UTC] ben at infotechsc dot com
Here is a class we wrote to solve this particular problem: <?php /* Author: Benjamin Menking <ben@infotechsc.com> Additional coding by David Johnson <davemann619@gmail.com> This code is public domain. The author makes no warranty or guarantee of fitness or accuracy. The author would love to recieve changes and modifications to this code, if you are inclined to share. */ class SSH2_conn { const NO_PTY = false; private static $methods = array( 'kex' => 'diffie-hellman-group1-sha1', 'hostkey' => 'ssh-dss', 'client_to_server' => array( 'crypt' => '3des-cbc', 'mac' => 'hmac-md5', 'comp' => 'none'), 'server_to_client' => array( 'crypt' => '3des-cbc', 'mac' => 'hmac-md5', 'comp' => 'none')); private $ip, $name, $pass; function __construct($ip, $name, $pass) { $this->ip = $ip; $this->name = $name; $this->pass = $pass; } function exec($cmd) { $conn = $this->_connect(); $stream = ssh2_exec($conn, $cmd, self::NO_PTY); if( $stream === false ) die('no stream available'); return $stream; } function exec_print($cmd) { $conn = $this->_connect(); $stream = ssh2_exec($conn, $cmd, self::NO_PTY); if( $stream === false ) die('no stream available'); while( !feof($stream) ) { $line = fgets($stream); echo $line; } fclose($stream); } function _connect() { $conn = ssh2_connect($this->ip, 22, self::$methods); if( $conn === false ) die("Could not connect!n"); // use this line for username/password authentication $test = ssh2_auth_password($conn, $this->name, $this->pass); // use this code snippet for public/private key authentication (much nicer IMHO) //$test = ssh2_auth_pubkey_file($conn, 'webuser', // '/root/.ssh/id_dsa.pub', // '/root/.ssh/id_dsa', ''); if( $test === false ) die("Failed!n"); return $conn; } } class Router { private $ip, $conn; function __construct($ip, $name, $pass) { $this->ip = $ip; $this->conn = new SSH2_conn($ip, $name, $pass); } function add_extern_user($user, $ip, $port, $rip, $comment) { $this->conn->exec_print("/ip firewall nat add chain=dstnat action=dst-nat to-addresses=$ip to-ports=$port dst-address=$rip comment="$comment" protocol=tcp"); } function add_pptp_user($name, $rip, $pass) { $ip = $this->ip; $this->conn->exec_print("/ppp secret add name=$name service=pptp local-address=$ip remote-address=$rip password=$pass"); } function add_static_user($user, $ip) { // not needed } function verify_extern_account($name, $ip, $port, $rip, $comment) { $stream = $this->conn->exec('/ip firewall nat print'); $str = ''; while( !feof($stream) ) { $line = fgets($stream); $str .= $line; } $comment = preg_quote($comment); return (preg_match("/$comments+chain=dstnats+action=dst-nats+to-addresses=$ips+to-ports=$ports+dst-address=$rips+protocol=tcp/m", $str) > 0); } function verify_pptp_account($name, $rip, $pass, $comment) { $stream = $this->conn->exec('/ppp secret print terse'); $str = ''; while( !feof($stream) ) { $line = fgets($stream); $str .= $line; } fclose($stream); $comment = preg_quote($comment); return (preg_match("/name=$name/m", $str) > 0); } function verify_static_account($name, $ip) { return true; } } // test unit code. comment out to use class $router = new Router('192.168.1.1', 'admin', ''); $router->add_pptp_user('foo', '192.168.1.250', 'bar'); $router->print_status(); ?>
[2009-07-09 19:32 UTC] paul at gi dot alaska dot edu
I had this problem when trying to connect to a server running version 1 of the ssh protocol. Upgraded the server to ssh v2 and things work nicely.
[2012-06-12 19:51 UTC] langemeijer@php.net
-Status: Feedback
+Status: Closed
-Assigned To:
+Assigned To: langemeijer
On a current Debian unstable upgraded today:
$ curl scp://localhost/ -v
* Trying 127.0.0.1:22...
* Connected to localhost (127.0.0.1) port 22 (#0)
* Found host localhost in /home/daniel/.ssh/known_hosts
* Set "ssh-rsa" as SSH hostkey type
* Failure establishing ssh session: -5, Unable to exchange encryption keys
* Closing connection 0
curl: (2) Failure establishing ssh session: -5, Unable to exchange encryption keys
The curl build uses libssh2 1.10.0 and looks like this:
$ curl -V
curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/1.1.1m zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.0) libssh2/1.10.0 nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.4.59
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd
This problem might be because of OpenSSH_8.8p1 being used as a server. It reproduces with the 1.10.0 as well as with libssh2 from current git.
Note that this problem happens before any auth is attempted. It is libssh2_session_handshake
that returns -5 (LIBSSH2_ERROR_KEX_FAILURE
)
The error is at (note that the function call is a define that might use the *handshake version if libssh2 is new enough):
https://github.com/curl/curl/blob/441db4652c1716c4a97d1f8db7f7bbed3ce53beb/lib/vssh/libssh2.c#L935
If I rebuild current curl with current libssh2 debug-enabled and enable full tracing, this is what it says:
daniel@storebror:~/src/curl [master]$ ./src/curl -v scp://localhost
* STATE: INIT => CONNECT handle 0x55aa6a6dbf58; line 1834 (connection #-5000)
* Added connection 0. The cache now contains 1 members
* family0 == v4, family1 == v6
* Trying 127.0.0.1:22...
* STATE: CONNECT => CONNECTING handle 0x55aa6a6dbf58; line 1895 (connection #0)
* Connected to localhost (127.0.0.1) port 22 (#0)
* STATE: CONNECTING => PROTOCONNECT handle 0x55aa6a6dbf58; line 2027 (connection #0)
* User:
* Password:
* SSH socket: 5
* SFTP 0x55aa6a6db1d8 state change from SSH_STOP to SSH_INIT
[libssh2] 0.768898 Conn: Setting blocking mode OFF
* Found host localhost in /home/daniel/.ssh/known_hosts
* Set "ssh-rsa" as SSH hostkey type
* SFTP 0x55aa6a6db1d8 state change from SSH_INIT to SSH_S_STARTUP
[libssh2] 0.768923 Transport: session_startup for socket 5
[libssh2] 0.768927 Transport: Sending Banner: SSH-2.0-libssh2_1.10.1_DEV
[libssh2] 0.768949 Socket: Sent 28/28 bytes at 0x55aa6954ae65+0
* STATE: PROTOCONNECT => PROTOCONNECTING handle 0x55aa6a6dbf58; line 2047 (connection #0)
[libssh2] 0.779142 Socket: Recved 1 bytes banner
[libssh2] 0.779164 Socket: Recved 1 bytes banner
[libssh2] 0.779169 Socket: Recved 1 bytes banner
[libssh2] 0.779174 Socket: Recved 1 bytes banner
[libssh2] 0.779186 Socket: Recved 1 bytes banner
[libssh2] 0.779188 Socket: Recved 1 bytes banner
[libssh2] 0.779190 Socket: Recved 1 bytes banner
[libssh2] 0.779191 Socket: Recved 1 bytes banner
[libssh2] 0.779193 Socket: Recved 1 bytes banner
[libssh2] 0.779197 Socket: Recved 1 bytes banner
[libssh2] 0.779200 Socket: Recved 1 bytes banner
[libssh2] 0.779202 Socket: Recved 1 bytes banner
[libssh2] 0.779205 Socket: Recved 1 bytes banner
[libssh2] 0.779207 Socket: Recved 1 bytes banner
[libssh2] 0.779209 Socket: Recved 1 bytes banner
[libssh2] 0.779212 Socket: Recved 1 bytes banner
[libssh2] 0.779214 Socket: Recved 1 bytes banner
[libssh2] 0.779216 Socket: Recved 1 bytes banner
[libssh2] 0.779219 Socket: Recved 1 bytes banner
[libssh2] 0.779221 Socket: Recved 1 bytes banner
[libssh2] 0.779224 Socket: Recved 1 bytes banner
[libssh2] 0.779227 Socket: Recved 1 bytes banner
[libssh2] 0.779229 Socket: Recved 1 bytes banner
[libssh2] 0.779232 Socket: Recved 1 bytes banner
[libssh2] 0.779234 Socket: Recved 1 bytes banner
[libssh2] 0.779237 Socket: Recved 1 bytes banner
[libssh2] 0.779240 Socket: Recved 1 bytes banner
[libssh2] 0.779242 Socket: Recved 1 bytes banner
[libssh2] 0.779245 Socket: Recved 1 bytes banner
[libssh2] 0.779247 Socket: Recved 1 bytes banner
[libssh2] 0.779250 Socket: Recved 1 bytes banner
[libssh2] 0.779254 Socket: Recved 1 bytes banner
[libssh2] 0.779258 Transport: Received Banner: SSH-2.0-OpenSSH_8.8p1 Debian-1
[libssh2] 0.779299 Key Ex: Sent KEX: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1
[libssh2] 0.779304 Key Ex: Sent HOSTKEY: ssh-rsa
[libssh2] 0.779306 Key Ex: Sent CRYPT_CS: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc
[libssh2] 0.779309 Key Ex: Sent CRYPT_SC: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc
[libssh2] 0.779311 Key Ex: Sent MAC_CS: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com
[libssh2] 0.779313 Key Ex: Sent MAC_SC: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com
[libssh2] 0.779316 Key Ex: Sent COMP_CS: none
[libssh2] 0.779318 Key Ex: Sent COMP_SC: none
[libssh2] 0.779320 Key Ex: Sent LANG_CS:
[libssh2] 0.779322 Key Ex: Sent LANG_SC:
=> libssh2_transport_write plain (915 bytes)
0000: 14 10 CC 62 E8 A4 63 7A CD BA CC 1F 5F 53 22 31 : ...b..cz...._S"1
0010: 4B 00 00 01 40 63 75 72 76 65 32 35 35 31 39 2D : K...@curve25519-
0020: 73 68 61 32 35 36 2C 63 75 72 76 65 32 35 35 31 : sha256,curve2551
0030: 39 2D 73 68 61 32 35 36 40 6C 69 62 73 73 68 2E : 9-sha256@libssh.
0040: 6F 72 67 2C 65 63 64 68 2D 73 68 61 32 2D 6E 69 : org,ecdh-sha2-ni
0050: 73 74 70 32 35 36 2C 65 63 64 68 2D 73 68 61 32 : stp256,ecdh-sha2
0060: 2D 6E 69 73 74 70 33 38 34 2C 65 63 64 68 2D 73 : -nistp384,ecdh-s
0070: 68 61 32 2D 6E 69 73 74 70 35 32 31 2C 64 69 66 : ha2-nistp521,dif
0080: 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 : fie-hellman-grou
0090: 70 2D 65 78 63 68 61 6E 67 65 2D 73 68 61 32 35 : p-exchange-sha25
00a0: 36 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E : 6,diffie-hellman
00b0: 2D 67 72 6F 75 70 31 36 2D 73 68 61 35 31 32 2C : -group16-sha512,
00c0: 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 : diffie-hellman-g
00d0: 72 6F 75 70 31 38 2D 73 68 61 35 31 32 2C 64 69 : roup18-sha512,di
00e0: 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F : ffie-hellman-gro
00f0: 75 70 31 34 2D 73 68 61 32 35 36 2C 64 69 66 66 : up14-sha256,diff
0100: 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 70 : ie-hellman-group
0110: 31 34 2D 73 68 61 31 2C 64 69 66 66 69 65 2D 68 : 14-sha1,diffie-h
0120: 65 6C 6C 6D 61 6E 2D 67 72 6F 75 70 31 2D 73 68 : ellman-group1-sh
0130: 61 31 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 : a1,diffie-hellma
0140: 6E 2D 67 72 6F 75 70 2D 65 78 63 68 61 6E 67 65 : n-group-exchange
0150: 2D 73 68 61 31 00 00 00 07 73 73 68 2D 72 73 61 : -sha1....ssh-rsa
0160: 00 00 00 92 61 65 73 31 32 38 2D 63 74 72 2C 61 : ....aes128-ctr,a
0170: 65 73 31 39 32 2D 63 74 72 2C 61 65 73 32 35 36 : es192-ctr,aes256
0180: 2D 63 74 72 2C 61 65 73 32 35 36 2D 63 62 63 2C : -ctr,aes256-cbc,
0190: 72 69 6A 6E 64 61 65 6C 2D 63 62 63 40 6C 79 73 : rijndael-cbc@lys
01a0: 61 74 6F 72 2E 6C 69 75 2E 73 65 2C 61 65 73 31 : ator.liu.se,aes1
01b0: 39 32 2D 63 62 63 2C 61 65 73 31 32 38 2D 63 62 : 92-cbc,aes128-cb
01c0: 63 2C 62 6C 6F 77 66 69 73 68 2D 63 62 63 2C 61 : c,blowfish-cbc,a
01d0: 72 63 66 6F 75 72 31 32 38 2C 61 72 63 66 6F 75 : rcfour128,arcfou
01e0: 72 2C 63 61 73 74 31 32 38 2D 63 62 63 2C 33 64 : r,cast128-cbc,3d
01f0: 65 73 2D 63 62 63 00 00 00 92 61 65 73 31 32 38 : es-cbc....aes128
0200: 2D 63 74 72 2C 61 65 73 31 39 32 2D 63 74 72 2C : -ctr,aes192-ctr,
0210: 61 65 73 32 35 36 2D 63 74 72 2C 61 65 73 32 35 : aes256-ctr,aes25
0220: 36 2D 63 62 63 2C 72 69 6A 6E 64 61 65 6C 2D 63 : 6-cbc,rijndael-c
0230: 62 63 40 6C 79 73 61 74 6F 72 2E 6C 69 75 2E 73 : bc@lysator.liu.s
0240: 65 2C 61 65 73 31 39 32 2D 63 62 63 2C 61 65 73 : e,aes192-cbc,aes
0250: 31 32 38 2D 63 62 63 2C 62 6C 6F 77 66 69 73 68 : 128-cbc,blowfish
0260: 2D 63 62 63 2C 61 72 63 66 6F 75 72 31 32 38 2C : -cbc,arcfour128,
0270: 61 72 63 66 6F 75 72 2C 63 61 73 74 31 32 38 2D : arcfour,cast128-
0280: 63 62 63 2C 33 64 65 73 2D 63 62 63 00 00 00 71 : cbc,3des-cbc...q
0290: 68 6D 61 63 2D 73 68 61 32 2D 32 35 36 2C 68 6D : hmac-sha2-256,hm
02a0: 61 63 2D 73 68 61 32 2D 35 31 32 2C 68 6D 61 63 : ac-sha2-512,hmac
02b0: 2D 73 68 61 31 2C 68 6D 61 63 2D 73 68 61 31 2D : -sha1,hmac-sha1-
02c0: 39 36 2C 68 6D 61 63 2D 6D 64 35 2C 68 6D 61 63 : 96,hmac-md5,hmac
02d0: 2D 6D 64 35 2D 39 36 2C 68 6D 61 63 2D 72 69 70 : -md5-96,hmac-rip
02e0: 65 6D 64 31 36 30 2C 68 6D 61 63 2D 72 69 70 65 : emd160,hmac-ripe
02f0: 6D 64 31 36 30 40 6F 70 65 6E 73 73 68 2E 63 6F : md160@openssh.co
0300: 6D 00 00 00 71 68 6D 61 63 2D 73 68 61 32 2D 32 : m...qhmac-sha2-2
0310: 35 36 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 : 56,hmac-sha2-512
0320: 2C 68 6D 61 63 2D 73 68 61 31 2C 68 6D 61 63 2D : ,hmac-sha1,hmac-
0330: 73 68 61 31 2D 39 36 2C 68 6D 61 63 2D 6D 64 35 : sha1-96,hmac-md5
0340: 2C 68 6D 61 63 2D 6D 64 35 2D 39 36 2C 68 6D 61 : ,hmac-md5-96,hma
0350: 63 2D 72 69 70 65 6D 64 31 36 30 2C 68 6D 61 63 : c-ripemd160,hmac
0360: 2D 72 69 70 65 6D 64 31 36 30 40 6F 70 65 6E 73 : -ripemd160@opens
0370: 73 68 2E 63 6F 6D 00 00 00 04 6E 6F 6E 65 00 00 : sh.com....none..
0380: 00 04 6E 6F 6E 65 00 00 00 00 00 00 00 00 00 00 : ..none..........
0390: 00 00 00 : ...
[libssh2] 0.779452 Socket: Sent 928/928 bytes at 0x55aa6a720d80
=> libssh2_transport_write send() (928 bytes)
0000: 00 00 03 9C 08 14 10 CC 62 E8 A4 63 7A CD BA CC : ........b..cz...
0010: 1F 5F 53 22 31 4B 00 00 01 40 63 75 72 76 65 32 : ._S"1K...@curve2
0020: 35 35 31 39 2D 73 68 61 32 35 36 2C 63 75 72 76 : 5519-sha256,curv
0030: 65 32 35 35 31 39 2D 73 68 61 32 35 36 40 6C 69 : e25519-sha256@li
0040: 62 73 73 68 2E 6F 72 67 2C 65 63 64 68 2D 73 68 : bssh.org,ecdh-sh
0050: 61 32 2D 6E 69 73 74 70 32 35 36 2C 65 63 64 68 : a2-nistp256,ecdh
0060: 2D 73 68 61 32 2D 6E 69 73 74 70 33 38 34 2C 65 : -sha2-nistp384,e
0070: 63 64 68 2D 73 68 61 32 2D 6E 69 73 74 70 35 32 : cdh-sha2-nistp52
0080: 31 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E : 1,diffie-hellman
0090: 2D 67 72 6F 75 70 2D 65 78 63 68 61 6E 67 65 2D : -group-exchange-
00a0: 73 68 61 32 35 36 2C 64 69 66 66 69 65 2D 68 65 : sha256,diffie-he
00b0: 6C 6C 6D 61 6E 2D 67 72 6F 75 70 31 36 2D 73 68 : llman-group16-sh
00c0: 61 35 31 32 2C 64 69 66 66 69 65 2D 68 65 6C 6C : a512,diffie-hell
00d0: 6D 61 6E 2D 67 72 6F 75 70 31 38 2D 73 68 61 35 : man-group18-sha5
00e0: 31 32 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 : 12,diffie-hellma
00f0: 6E 2D 67 72 6F 75 70 31 34 2D 73 68 61 32 35 36 : n-group14-sha256
0100: 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D : ,diffie-hellman-
0110: 67 72 6F 75 70 31 34 2D 73 68 61 31 2C 64 69 66 : group14-sha1,dif
0120: 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 : fie-hellman-grou
0130: 70 31 2D 73 68 61 31 2C 64 69 66 66 69 65 2D 68 : p1-sha1,diffie-h
0140: 65 6C 6C 6D 61 6E 2D 67 72 6F 75 70 2D 65 78 63 : ellman-group-exc
0150: 68 61 6E 67 65 2D 73 68 61 31 00 00 00 07 73 73 : hange-sha1....ss
0160: 68 2D 72 73 61 00 00 00 92 61 65 73 31 32 38 2D : h-rsa....aes128-
0170: 63 74 72 2C 61 65 73 31 39 32 2D 63 74 72 2C 61 : ctr,aes192-ctr,a
0180: 65 73 32 35 36 2D 63 74 72 2C 61 65 73 32 35 36 : es256-ctr,aes256
0190: 2D 63 62 63 2C 72 69 6A 6E 64 61 65 6C 2D 63 62 : -cbc,rijndael-cb
01a0: 63 40 6C 79 73 61 74 6F 72 2E 6C 69 75 2E 73 65 : c@lysator.liu.se
01b0: 2C 61 65 73 31 39 32 2D 63 62 63 2C 61 65 73 31 : ,aes192-cbc,aes1
01c0: 32 38 2D 63 62 63 2C 62 6C 6F 77 66 69 73 68 2D : 28-cbc,blowfish-
01d0: 63 62 63 2C 61 72 63 66 6F 75 72 31 32 38 2C 61 : cbc,arcfour128,a
01e0: 72 63 66 6F 75 72 2C 63 61 73 74 31 32 38 2D 63 : rcfour,cast128-c
01f0: 62 63 2C 33 64 65 73 2D 63 62 63 00 00 00 92 61 : bc,3des-cbc....a
0200: 65 73 31 32 38 2D 63 74 72 2C 61 65 73 31 39 32 : es128-ctr,aes192
0210: 2D 63 74 72 2C 61 65 73 32 35 36 2D 63 74 72 2C : -ctr,aes256-ctr,
0220: 61 65 73 32 35 36 2D 63 62 63 2C 72 69 6A 6E 64 : aes256-cbc,rijnd
0230: 61 65 6C 2D 63 62 63 40 6C 79 73 61 74 6F 72 2E : ael-cbc@lysator.
0240: 6C 69 75 2E 73 65 2C 61 65 73 31 39 32 2D 63 62 : liu.se,aes192-cb
0250: 63 2C 61 65 73 31 32 38 2D 63 62 63 2C 62 6C 6F : c,aes128-cbc,blo
0260: 77 66 69 73 68 2D 63 62 63 2C 61 72 63 66 6F 75 : wfish-cbc,arcfou
0270: 72 31 32 38 2C 61 72 63 66 6F 75 72 2C 63 61 73 : r128,arcfour,cas
0280: 74 31 32 38 2D 63 62 63 2C 33 64 65 73 2D 63 62 : t128-cbc,3des-cb
0290: 63 00 00 00 71 68 6D 61 63 2D 73 68 61 32 2D 32 : c...qhmac-sha2-2
02a0: 35 36 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 : 56,hmac-sha2-512
02b0: 2C 68 6D 61 63 2D 73 68 61 31 2C 68 6D 61 63 2D : ,hmac-sha1,hmac-
02c0: 73 68 61 31 2D 39 36 2C 68 6D 61 63 2D 6D 64 35 : sha1-96,hmac-md5
02d0: 2C 68 6D 61 63 2D 6D 64 35 2D 39 36 2C 68 6D 61 : ,hmac-md5-96,hma
02e0: 63 2D 72 69 70 65 6D 64 31 36 30 2C 68 6D 61 63 : c-ripemd160,hmac
02f0: 2D 72 69 70 65 6D 64 31 36 30 40 6F 70 65 6E 73 : -ripemd160@opens
0300: 73 68 2E 63 6F 6D 00 00 00 71 68 6D 61 63 2D 73 : sh.com...qhmac-s
0310: 68 61 32 2D 32 35 36 2C 68 6D 61 63 2D 73 68 61 : ha2-256,hmac-sha
0320: 32 2D 35 31 32 2C 68 6D 61 63 2D 73 68 61 31 2C : 2-512,hmac-sha1,
0330: 68 6D 61 63 2D 73 68 61 31 2D 39 36 2C 68 6D 61 : hmac-sha1-96,hma
0340: 63 2D 6D 64 35 2C 68 6D 61 63 2D 6D 64 35 2D 39 : c-md5,hmac-md5-9
0350: 36 2C 68 6D 61 63 2D 72 69 70 65 6D 64 31 36 30 : 6,hmac-ripemd160
0360: 2C 68 6D 61 63 2D 72 69 70 65 6D 64 31 36 30 40 : ,hmac-ripemd160@
0370: 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 04 6E : openssh.com....n
0380: 6F 6E 65 00 00 00 04 6E 6F 6E 65 00 00 00 00 00 : one....none.....
0390: 00 00 00 00 00 00 00 00 AC 0D 3C 90 52 49 94 46 : ..........<.RI.F
[libssh2] 0.779553 Transport: Looking for packet of type: 20
[libssh2] 0.780348 Socket: Recved 1016/16384 bytes to 0x55aa6a71cd40+0
=> libssh2_transport_read() raw (1016 bytes)
0000: 00 00 03 F4 0A 14 7E C6 47 B5 7D 44 09 7D 4A 5D : ......~.G.}D.}J]
0010: 8B D2 FB 1D 95 17 00 00 00 E6 63 75 72 76 65 32 : ..........curve2
0020: 35 35 31 39 2D 73 68 61 32 35 36 2C 63 75 72 76 : 5519-sha256,curv
0030: 65 32 35 35 31 39 2D 73 68 61 32 35 36 40 6C 69 : e25519-sha256@li
0040: 62 73 73 68 2E 6F 72 67 2C 65 63 64 68 2D 73 68 : bssh.org,ecdh-sh
0050: 61 32 2D 6E 69 73 74 70 32 35 36 2C 65 63 64 68 : a2-nistp256,ecdh
0060: 2D 73 68 61 32 2D 6E 69 73 74 70 33 38 34 2C 65 : -sha2-nistp384,e
0070: 63 64 68 2D 73 68 61 32 2D 6E 69 73 74 70 35 32 : cdh-sha2-nistp52
0080: 31 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E : 1,diffie-hellman
0090: 2D 67 72 6F 75 70 2D 65 78 63 68 61 6E 67 65 2D : -group-exchange-
00a0: 73 68 61 32 35 36 2C 64 69 66 66 69 65 2D 68 65 : sha256,diffie-he
00b0: 6C 6C 6D 61 6E 2D 67 72 6F 75 70 31 36 2D 73 68 : llman-group16-sh
00c0: 61 35 31 32 2C 64 69 66 66 69 65 2D 68 65 6C 6C : a512,diffie-hell
00d0: 6D 61 6E 2D 67 72 6F 75 70 31 38 2D 73 68 61 35 : man-group18-sha5
00e0: 31 32 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 : 12,diffie-hellma
00f0: 6E 2D 67 72 6F 75 70 31 34 2D 73 68 61 32 35 36 : n-group14-sha256
0100: 00 00 00 19 72 73 61 2D 73 68 61 32 2D 35 31 32 : ....rsa-sha2-512
0110: 2C 72 73 61 2D 73 68 61 32 2D 32 35 36 00 00 00 : ,rsa-sha2-256...
0120: 6C 63 68 61 63 68 61 32 30 2D 70 6F 6C 79 31 33 : lchacha20-poly13
0130: 30 35 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 61 : 05@openssh.com,a
0140: 65 73 31 32 38 2D 63 74 72 2C 61 65 73 31 39 32 : es128-ctr,aes192
0150: 2D 63 74 72 2C 61 65 73 32 35 36 2D 63 74 72 2C : -ctr,aes256-ctr,
0160: 61 65 73 31 32 38 2D 67 63 6D 40 6F 70 65 6E 73 : aes128-gcm@opens
0170: 73 68 2E 63 6F 6D 2C 61 65 73 32 35 36 2D 67 63 : sh.com,aes256-gc
0180: 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 : m@openssh.com...
0190: 6C 63 68 61 63 68 61 32 30 2D 70 6F 6C 79 31 33 : lchacha20-poly13
01a0: 30 35 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 61 : 05@openssh.com,a
01b0: 65 73 31 32 38 2D 63 74 72 2C 61 65 73 31 39 32 : es128-ctr,aes192
01c0: 2D 63 74 72 2C 61 65 73 32 35 36 2D 63 74 72 2C : -ctr,aes256-ctr,
01d0: 61 65 73 31 32 38 2D 67 63 6D 40 6F 70 65 6E 73 : aes128-gcm@opens
01e0: 73 68 2E 63 6F 6D 2C 61 65 73 32 35 36 2D 67 63 : sh.com,aes256-gc
01f0: 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 : m@openssh.com...
0200: D5 75 6D 61 63 2D 36 34 2D 65 74 6D 40 6F 70 65 : .umac-64-etm@ope
0210: 6E 73 73 68 2E 63 6F 6D 2C 75 6D 61 63 2D 31 32 : nssh.com,umac-12
0220: 38 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63 6F : 8-etm@openssh.co
0230: 6D 2C 68 6D 61 63 2D 73 68 61 32 2D 32 35 36 2D : m,hmac-sha2-256-
0240: 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C : etm@openssh.com,
0250: 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 2D 65 74 : hmac-sha2-512-et
0260: 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D : m@openssh.com,hm
0270: 61 63 2D 73 68 61 31 2D 65 74 6D 40 6F 70 65 6E : ac-sha1-etm@open
0280: 73 73 68 2E 63 6F 6D 2C 75 6D 61 63 2D 36 34 40 : ssh.com,umac-64@
0290: 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 75 6D 61 63 : openssh.com,umac
02a0: 2D 31 32 38 40 6F 70 65 6E 73 73 68 2E 63 6F 6D : -128@openssh.com
02b0: 2C 68 6D 61 63 2D 73 68 61 32 2D 32 35 36 2C 68 : ,hmac-sha2-256,h
02c0: 6D 61 63 2D 73 68 61 32 2D 35 31 32 2C 68 6D 61 : mac-sha2-512,hma
02d0: 63 2D 73 68 61 31 00 00 00 D5 75 6D 61 63 2D 36 : c-sha1....umac-6
02e0: 34 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63 6F : 4-etm@openssh.co
02f0: 6D 2C 75 6D 61 63 2D 31 32 38 2D 65 74 6D 40 6F : m,umac-128-etm@o
0300: 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63 2D : penssh.com,hmac-
0310: 73 68 61 32 2D 32 35 36 2D 65 74 6D 40 6F 70 65 : sha2-256-etm@ope
0320: 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63 2D 73 68 : nssh.com,hmac-sh
0330: 61 32 2D 35 31 32 2D 65 74 6D 40 6F 70 65 6E 73 : a2-512-etm@opens
0340: 73 68 2E 63 6F 6D 2C 68 6D 61 63 2D 73 68 61 31 : sh.com,hmac-sha1
0350: 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D : -etm@openssh.com
0360: 2C 75 6D 61 63 2D 36 34 40 6F 70 65 6E 73 73 68 : ,umac-64@openssh
0370: 2E 63 6F 6D 2C 75 6D 61 63 2D 31 32 38 40 6F 70 : .com,umac-128@op
0380: 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63 2D 73 : enssh.com,hmac-s
0390: 68 61 32 2D 32 35 36 2C 68 6D 61 63 2D 73 68 61 : ha2-256,hmac-sha
03a0: 32 2D 35 31 32 2C 68 6D 61 63 2D 73 68 61 31 00 : 2-512,hmac-sha1.
03b0: 00 00 15 6E 6F 6E 65 2C 7A 6C 69 62 40 6F 70 65 : ...none,zlib@ope
03c0: 6E 73 73 68 2E 63 6F 6D 00 00 00 15 6E 6F 6E 65 : nssh.com....none
03d0: 2C 7A 6C 69 62 40 6F 70 65 6E 73 73 68 2E 63 6F : ,zlib@openssh.co
03e0: 6D 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 : m...............
03f0: 00 00 00 00 00 00 00 00 : ........
=> libssh2_transport_read() plain (1001 bytes)
0000: 14 7E C6 47 B5 7D 44 09 7D 4A 5D 8B D2 FB 1D 95 : .~.G.}D.}J].....
0010: 17 00 00 00 E6 63 75 72 76 65 32 35 35 31 39 2D : .....curve25519-
0020: 73 68 61 32 35 36 2C 63 75 72 76 65 32 35 35 31 : sha256,curve2551
0030: 39 2D 73 68 61 32 35 36 40 6C 69 62 73 73 68 2E : 9-sha256@libssh.
0040: 6F 72 67 2C 65 63 64 68 2D 73 68 61 32 2D 6E 69 : org,ecdh-sha2-ni
0050: 73 74 70 32 35 36 2C 65 63 64 68 2D 73 68 61 32 : stp256,ecdh-sha2
0060: 2D 6E 69 73 74 70 33 38 34 2C 65 63 64 68 2D 73 : -nistp384,ecdh-s
0070: 68 61 32 2D 6E 69 73 74 70 35 32 31 2C 64 69 66 : ha2-nistp521,dif
0080: 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 : fie-hellman-grou
0090: 70 2D 65 78 63 68 61 6E 67 65 2D 73 68 61 32 35 : p-exchange-sha25
00a0: 36 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E : 6,diffie-hellman
00b0: 2D 67 72 6F 75 70 31 36 2D 73 68 61 35 31 32 2C : -group16-sha512,
00c0: 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 : diffie-hellman-g
00d0: 72 6F 75 70 31 38 2D 73 68 61 35 31 32 2C 64 69 : roup18-sha512,di
00e0: 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F : ffie-hellman-gro
00f0: 75 70 31 34 2D 73 68 61 32 35 36 00 00 00 19 72 : up14-sha256....r
0100: 73 61 2D 73 68 61 32 2D 35 31 32 2C 72 73 61 2D : sa-sha2-512,rsa-
0110: 73 68 61 32 2D 32 35 36 00 00 00 6C 63 68 61 63 : sha2-256...lchac
0120: 68 61 32 30 2D 70 6F 6C 79 31 33 30 35 40 6F 70 : ha20-poly1305@op
0130: 65 6E 73 73 68 2E 63 6F 6D 2C 61 65 73 31 32 38 : enssh.com,aes128
0140: 2D 63 74 72 2C 61 65 73 31 39 32 2D 63 74 72 2C : -ctr,aes192-ctr,
0150: 61 65 73 32 35 36 2D 63 74 72 2C 61 65 73 31 32 : aes256-ctr,aes12
0160: 38 2D 67 63 6D 40 6F 70 65 6E 73 73 68 2E 63 6F : 8-gcm@openssh.co
0170: 6D 2C 61 65 73 32 35 36 2D 67 63 6D 40 6F 70 65 : m,aes256-gcm@ope
0180: 6E 73 73 68 2E 63 6F 6D 00 00 00 6C 63 68 61 63 : nssh.com...lchac
0190: 68 61 32 30 2D 70 6F 6C 79 31 33 30 35 40 6F 70 : ha20-poly1305@op
01a0: 65 6E 73 73 68 2E 63 6F 6D 2C 61 65 73 31 32 38 : enssh.com,aes128
01b0: 2D 63 74 72 2C 61 65 73 31 39 32 2D 63 74 72 2C : -ctr,aes192-ctr,
01c0: 61 65 73 32 35 36 2D 63 74 72 2C 61 65 73 31 32 : aes256-ctr,aes12
01d0: 38 2D 67 63 6D 40 6F 70 65 6E 73 73 68 2E 63 6F : 8-gcm@openssh.co
01e0: 6D 2C 61 65 73 32 35 36 2D 67 63 6D 40 6F 70 65 : m,aes256-gcm@ope
01f0: 6E 73 73 68 2E 63 6F 6D 00 00 00 D5 75 6D 61 63 : nssh.com....umac
0200: 2D 36 34 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E : -64-etm@openssh.
0210: 63 6F 6D 2C 75 6D 61 63 2D 31 32 38 2D 65 74 6D : com,umac-128-etm
0220: 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 : @openssh.com,hma
0230: 63 2D 73 68 61 32 2D 32 35 36 2D 65 74 6D 40 6F : c-sha2-256-etm@o
0240: 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63 2D : penssh.com,hmac-
0250: 73 68 61 32 2D 35 31 32 2D 65 74 6D 40 6F 70 65 : sha2-512-etm@ope
0260: 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63 2D 73 68 : nssh.com,hmac-sh
0270: 61 31 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63 : a1-etm@openssh.c
0280: 6F 6D 2C 75 6D 61 63 2D 36 34 40 6F 70 65 6E 73 : om,umac-64@opens
0290: 73 68 2E 63 6F 6D 2C 75 6D 61 63 2D 31 32 38 40 : sh.com,umac-128@
02a0: 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63 : openssh.com,hmac
02b0: 2D 73 68 61 32 2D 32 35 36 2C 68 6D 61 63 2D 73 : -sha2-256,hmac-s
02c0: 68 61 32 2D 35 31 32 2C 68 6D 61 63 2D 73 68 61 : ha2-512,hmac-sha
02d0: 31 00 00 00 D5 75 6D 61 63 2D 36 34 2D 65 74 6D : 1....umac-64-etm
02e0: 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 75 6D 61 : @openssh.com,uma
02f0: 63 2D 31 32 38 2D 65 74 6D 40 6F 70 65 6E 73 73 : c-128-etm@openss
0300: 68 2E 63 6F 6D 2C 68 6D 61 63 2D 73 68 61 32 2D : h.com,hmac-sha2-
0310: 32 35 36 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E : 256-etm@openssh.
0320: 63 6F 6D 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 : com,hmac-sha2-51
0330: 32 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63 6F : 2-etm@openssh.co
0340: 6D 2C 68 6D 61 63 2D 73 68 61 31 2D 65 74 6D 40 : m,hmac-sha1-etm@
0350: 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 75 6D 61 63 : openssh.com,umac
0360: 2D 36 34 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C : -64@openssh.com,
0370: 75 6D 61 63 2D 31 32 38 40 6F 70 65 6E 73 73 68 : umac-128@openssh
0380: 2E 63 6F 6D 2C 68 6D 61 63 2D 73 68 61 32 2D 32 : .com,hmac-sha2-2
0390: 35 36 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 : 56,hmac-sha2-512
03a0: 2C 68 6D 61 63 2D 73 68 61 31 00 00 00 15 6E 6F : ,hmac-sha1....no
03b0: 6E 65 2C 7A 6C 69 62 40 6F 70 65 6E 73 73 68 2E : ne,zlib@openssh.
03c0: 63 6F 6D 00 00 00 15 6E 6F 6E 65 2C 7A 6C 69 62 : com....none,zlib
03d0: 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 00 : @openssh.com....
03e0: 00 00 00 00 00 00 00 00 00 : .........
[libssh2] 0.794259 Transport: Packet type 20 received, length=1001
[libssh2] 0.794268 Transport: Looking for packet of type: 20
[libssh2] 0.794288 Failure Event: -5 - Unable to exchange encryption keys
* Failure establishing ssh session: -5, Unable to exchange encryption keys
* SFTP 0x55aa6a6db1d8 state change from SSH_S_STARTUP to SSH_SESSION_FREE
[libssh2] 0.794343 Transport: Freeing session resource
[libssh2] 0.794348 Transport: Extra packets left 0
* SFTP 0x55aa6a6db1d8 state change from SSH_SESSION_FREE to SSH_STOP
* multi_done: status: 2 prem: 1 done: 0
* The cache now contains 0 members
* Closing connection 0
* Expire cleared (transfer 0x55aa6a6dbf58)
curl: (2) Failure establishing ssh session: -5, Unable to exchange encryption keys
daniel@storebror:~/src/curl [master]$
Securing a server means hardening the SSH server settings, but doing so can also cause issues with ssh clients. Finding the cipher or algorithm causing a failled connection can be tricky. Depending on the client used, the error message might be very generic like “Failed to start SSH session”.
Using a openssh client will allow increasing the log level (-v) until the cause of the problem shows up in the output. Experience has shown that most issues are not related to openssh client configuration but closed source or third-party applications that provide less details via their user interface. In the case explained here it was an iPad/iPhone app, which had updated its ssh library. The app did not provide full details about the error as space is limited.
From the first error message “Failed to start SSH session: Unable to exchange encryption keys.” it was clear that there was a fundamental issue with the connection setup, but without any details from the client debugging had to be performed on the server side.
To debug the connection issue from the ssh daemon, the following log needs to be monitored on CentOS (other distributions might log to a different file).
$ tail /var/log/secure
In debian based distributions like Ubuntu, the log file for the ssh daemon is the following.
$ tail -f /var/log/auth.log
No matching MAC algorithem
The following line should be under the last lines of the log, indicating what the initial error message already suggested. Client and server could not setup a session as they could not agree on a MAC (message authentication code) algorithm.
... sshd[5176]: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com server hmac-sha2-512,hmac-sha2-256
But this error message already shows us more detail. It lists the client and server offered MACs. The client offered 6 MACs and the server offered 2, but no MAC is in both lists.
To continue debugging the connection issues the following MAC algorithm was enabled in the ssh daemon configuration, chosen at random from the client offered MAC algorithms. The resulting ssh daemon configuration after applying the settings from hardening the SSH server settings and with the added MAC algorithm looks like this.
# Hardening SSH configuration KexAlgorithms ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 Ciphers aes256-ctr,aes192-ctr,aes128-ctr
After changing the configuration of the ssh daemon, sshd needs to be instructed to reload its configuration.
$ service sshd reload
The next connection attempt shows the agreed MAC algorithm in “hmac-ripemd160” the log clearly.
... sshd[634]: debug2: mac_setup: found hmac-ripemd160
No matching KEX algorithm
Even with the MAC algorithm agreed, the next problem might arise when the KEX (Key EXchange) algorithm can not be negotiated. The situation about the KEX negotiation is indicated very clearly.
... sshd[6260]: fatal: Unable to negotiate a key exchange method
Sadly this message does not provide any details about the proposed KEX algorithms from either side of the connection. To debug the connection on CentOS 6 running the OpenSSH 5.3 daemon, the debug level DEBUG2 is needed. To enable the logging on the ssh server, the following line of configuration has to be added to the /etc/ssh/sshd_config. It will not alter the behaviour of the ssh daemon itself, except to add additional logging to understand the decissions made during the connection setup. This configuration should be used with care on a busy ssh daemon as it increases the amount of logging significantly.
LogLevel DEBUG2
After changing the configuration of the ssh daemon, sshd needs to be instructed to reload its configuration again. The second command will open the log file to follow the login attempt.
$ service sshd reload $ tail /var/log/secure
With the increased log level, a connection attempt will look similar to this example (here I have removed the beginning of each line where there would normally be a timestamp and the host name).
sshd[621]: debug1: Forked child 634. sshd[634]: Set /proc/self/oom_score_adj to 0 sshd[634]: debug1: rexec start in 7 out 7 newsock 7 pipe 9 sock 10 sshd[634]: debug1: inetd sockets after dupping: 3, 3 sshd[634]: Connection from 123.123.123.123 port 36462 sshd[634]: debug1: Client protocol version 2.0; client software version libssh2_1.7.0_DEV sshd[634]: debug1: no match: libssh2_1.7.0_DEV sshd[634]: debug1: Enabling compatibility mode for protocol 2.0 sshd[634]: debug1: Local version string SSH-2.0-OpenSSH_5.3 sshd[634]: debug2: fd 3 setting O_NONBLOCK sshd[634]: debug2: Network child is on pid 634 sshd[634]: debug1: permanently_set_uid: 74/74 sshd[634]: debug1: list_hostkey_types: ssh-rsa,ssh-dss sshd[634]: debug1: SSH2_MSG_KEXINIT sent sshd[634]: debug1: SSH2_MSG_KEXINIT received sshd[634]: debug2: kex_parse_kexinit: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 sshd[634]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss sshd[634]: debug2: kex_parse_kexinit: aes256-ctr,aes192-ctr,aes128-ctr sshd[634]: debug2: kex_parse_kexinit: aes256-ctr,aes192-ctr,aes128-ctr sshd[634]: debug2: kex_parse_kexinit: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 sshd[634]: debug2: kex_parse_kexinit: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 sshd[634]: debug2: kex_parse_kexinit: none,zlib@openssh.com sshd[634]: debug2: kex_parse_kexinit: none,zlib@openssh.com sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: first_kex_follows 0 sshd[634]: debug2: kex_parse_kexinit: reserved 0 sshd[634]: debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 sshd[634]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss sshd[634]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc sshd[634]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc sshd[634]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com sshd[634]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com sshd[634]: debug2: kex_parse_kexinit: none sshd[634]: debug2: kex_parse_kexinit: none sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: first_kex_follows 0 sshd[634]: debug2: kex_parse_kexinit: reserved 0 sshd[634]: debug2: mac_setup: found hmac-ripemd160 sshd[634]: debug1: kex: client->server aes128-ctr hmac-ripemd160 none sshd[634]: debug2: mac_setup: found hmac-ripemd160 sshd[634]: debug1: kex: server->client aes128-ctr hmac-ripemd160 none sshd[634]: fatal: Unable to negotiate a key exchange method sshd[634]: debug1: do_cleanup sshd[634]: debug1: do_cleanup
There is no clear indication on the offered KEX algorithms in the log. To read this information out of the log, a deeper look into where the log lines come from is necessary. What’s interesting at this point are the log lines containing the “debug2: kex_parse_kexinit:”.
Digging into the logs
A quick peek into the function kex_buf2prop() of the file kex.c on branch V_5_3 of OpenSSH reads (shortened slightly) like this.
... for (...) { debug2("kex_parse_kexinit: %s", proposal[i]); } debug2("kex_parse_kexinit: first_kex_follows %d ", i); debug2("kex_parse_kexinit: reserved %u ", i); ...
The function is called from kex_choose_conf() found in the same file. As the simplified example shows, this function is calling the above method twice.
... my = kex_buf2prop(&kex->my, NULL); peer = kex_buf2prop(&kex->peer, &first_kex_follows); ...
Without digging deeper, the name of the parameters suggest, first the function is called with the locally configured algorithms and second with the offered algorithms from the remote. In this case, that would indicate that first the proposal from the ssh deamon is logged and the second block contains the proposal from the (remote) connecting client.
As such, the “kex_parse_kexinit” lines can be seperated into the following two blocks. The first one is the ssh daemon side.
sshd[634]: debug2: kex_parse_kexinit: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 sshd[634]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss sshd[634]: debug2: kex_parse_kexinit: aes256-ctr,aes192-ctr,aes128-ctr sshd[634]: debug2: kex_parse_kexinit: aes256-ctr,aes192-ctr,aes128-ctr sshd[634]: debug2: kex_parse_kexinit: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 sshd[634]: debug2: kex_parse_kexinit: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 sshd[634]: debug2: kex_parse_kexinit: none,zlib@openssh.com sshd[634]: debug2: kex_parse_kexinit: none,zlib@openssh.com sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: first_kex_follows 0 sshd[634]: debug2: kex_parse_kexinit: reserved 0
- The 1st line appears to be the configured KEX algorithms (sshd_config option “KexAlgorithms”).
- The 2nd line appears to be the configured host key algorithms (sshd_config option “HostKeyAlgorithms”).
- The 3rd & 4th lines appear to be the configured ciphers (sshd_config option “Ciphers”).
- The 5th & 6th lines appear to be the configured MAC algorithms (sshd_config option “MACs”).
For some reason, which would probably require a deeper understanding of the source, the cipher and MAC list is shown twice. The block of “kex_parse_kexinit” lines ends with the line “kex_parse_kexinit: reserved 0”.
The second block is the proposals from the remote side, which is the ssh client trying to connect.
sshd[634]: debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 sshd[634]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss sshd[634]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc sshd[634]: debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc sshd[634]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com sshd[634]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com sshd[634]: debug2: kex_parse_kexinit: none sshd[634]: debug2: kex_parse_kexinit: none sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: sshd[634]: debug2: kex_parse_kexinit: first_kex_follows 0 sshd[634]: debug2: kex_parse_kexinit: reserved 0
Knowing this, we can see that the KEX algorithms from the ssh daemon and the client’s proposed KEX algorithms do not have any algorithms in common, which causes the error message we saw earlier.
Of course, enabling one of the client’s proposed KEX algorithms would allow the client to login, but enabling one of these MAC or KEX algorithms needs to be handled with care. Many of the disabled ciphers and algorithms might be disabled for security reasons as described in Harden the SSH server settings.
As a proof, one of the client’s proposed KEX algorithms (I randomly chose “diffie-hellman-group-exchange-sha1”) can be enabled in the shh daemon. The configuration might look like this with the additional KEX algorithm.
# Hardening SSH configuration KexAlgorithms ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1 MACs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 Ciphers aes256-ctr,aes192-ctr,aes128-ctr
After changing the configuration of the ssh daemon, sshd needs to be instructed to reload its configuration again.
$ service sshd reload
The next login attempt from the client should succeed as the MAC and KEX algorithms the client proposes are enabled for the ssh daemon.
Modern distributions, different log
The above explanation about interpreting the log information to find the KEX that were offered applies to conservative distributions like CentOS 6 / RHEL 6 (Red Hat Enterprise Linux) and possibly Debian. But what about modern distributions? Modern distributions like Ubuntu and possibly more recent versions of CentOS and RHEL use a more up-to-date version of OpenSSH. At the time of writing Ubuntu uses OpenSSH 7.2 where the logging is more self explanatory.
sshd[3685]: debug2: local server KEXINIT proposal [preauth] sshd[3685]: debug2: KEX algorithms: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256 [preauth] sshd[3685]: debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth] sshd[3685]: debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr [preauth] sshd[3685]: debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr [preauth] sshd[3685]: debug2: MACs ctos: hmac-sha2-512,hmac-sha2-256 [preauth] sshd[3685]: debug2: MACs stoc: hmac-sha2-512,hmac-sha2-256 [preauth] sshd[3685]: debug2: compression ctos: none,zlib@openssh.com [preauth] sshd[3685]: debug2: compression stoc: none,zlib@openssh.com [preauth] sshd[3685]: debug2: languages ctos: [preauth] sshd[3685]: debug2: languages stoc: [preauth] sshd[3685]: debug2: first_kex_follows 0 [preauth] sshd[3685]: debug2: reserved 0 [preauth] sshd[3685]: debug2: peer client KEXINIT proposal [preauth] sshd[3685]: debug2: KEX algorithms: diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth] sshd[3685]: debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss [preauth] sshd[3685]: debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth] sshd[3685]: debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se [preauth] sshd[3685]: debug2: MACs ctos: hmac-sha2-512 [preauth] sshd[3685]: debug2: MACs stoc: hmac-sha2-512 [preauth] sshd[3685]: debug2: compression ctos: none,zlib@openssh.com,zlib [preauth] sshd[3685]: debug2: compression stoc: none,zlib@openssh.com,zlib [preauth] sshd[3685]: debug2: languages ctos: [preauth] sshd[3685]: debug2: languages stoc: [preauth] sshd[3685]: debug2: first_kex_follows 0 [preauth] sshd[3685]: debug2: reserved 0 [preauth]
The above example shows that instead of the “kex_parse_kexinit” log lines, the log identifies the offered algorithms. This makes it much easier to identify the MAC, KEX and ciphers offered from both sides. There is even a line between the blocks identifying the origin of the offer.
sshd[3685]: debug2: local server KEXINIT proposal [preauth] ... sshd[3685]: debug2: peer client KEXINIT proposal [preauth]
This way, guessing and digging in the source to understand the log is not needed any more. Sady not all distributions use the newer version of OpenSSH. With CentOS 6, OpenSSH 5.3 is still the latest, patched version available in the default repositories.
Read more of my posts on my blog at https://blog.tinned-software.net/.
-
#1
I need to be able to write a script which connects to an SFTP server to retrieve a file.
My searching led me to the conclusion that I need the PHP SSH2 extension installed on my server to make this work.
I’m following the guide here:
and am stuck on point 3, which says to run the command:
Apache config:
/usr/local/cpanel/3rdparty/bin/pecl install ssh2
However, on doing so via terminal in WHM, I get the error message:
WARNING: channel «pecl.php.net» has updated its protocols, use «pecl channel-update pecl.php.net» to update
pecl/ssh2 requires PHP (version >= 4.0.0, version <= 6.0.0), installed version is 7.3.30
No valid packages found
I am running Multi-PHP, and would like to install this extension on all versions that I have running — Can anyone help me with where to go next?
Thanks
-
#2
Hey there! The output of the message indicates the problem — that specific pecl package is only available for PHP versions higher than 4 and lower than 6, which would mean you’d need to be using PHP 5.6 or older on cPanel in order to get that installed. The package is not available for newer versions of PHP, so it would be best to find a different piece of software that supports more modern installations.
-
#3
Thanks for your reply. I guess that was my question — if this is not the way to get sftp connections to work in the latest versions of PHP, what is? Thanks
-
#4
I see this has to be installed manually as a modern version isn’t included from pecl directly. You can run this command to perform that work, just modifying the php## to work with your particular version. For example, this works with PHP 7.4:
Code:
/opt/cpanel/ea-php70/root/usr/bin/pecl install https://pecl.php.net/get/ssh2-1.2.tgz
Can you try that and let me know if that works?
-
#5
Thank you, that worked and it installed successfully.
However, when attempting to use the ssh2_connect function, I receive the following error:
Error starting up SSH connection(-5): Unable to exchange encryption keys
-
#7
Forgive me, I don’t know how to check or update libssh, is there a command to do this? Thanks
-
#8
Sure thing — you can run this on the command line through SSH or through the WHM >> Terminal:
If you have automatic updates enabled on the system, it’s likely you already have the latest available.