```group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group1
Starting SSHv2 session
Sending version...
Negotiating algorithms... (
transport: No acceptable key exchange algorithm (server offered 'curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-
Connection closed.
```
... wants diffie-hellman-group1-sha1, you will need to add it to the
allowed KexAlgorithms in sshd_config. It's disabled by default for a
reason ...
[code]
~$ sudo service ssh start
[....] Starting OpenBSD Secure Shell server: sshd/etc/ssh/sshd_config line 23: Bad SSH2 cipher spec '+ssh-rsa'.
failed!
~$
[/code]
The installed version is OpenSSH_7.4p1 Debian-10+deb9u7.
I have not found a way to get around this and I'd say that downgrading to an earlier version would not be acceptable.
That's a HostKeyAlgorithm, not a Cipher. If the message you posted was correct, then you probably want Ciphers +3des-cbc.
[code]
~$ sudo service ssh start
[....] Starting OpenBSD Secure Shell server: sshd/etc/ssh/sshd_config line 23: Bad SSH2 cipher spec '+des-cbc'.
failed!
~$
[/code]
... should be able to get it to work.Thanks for the encouragement, it would be great.
... Psion 5mx - I loved that thing ...Now *that's* serious harware.
I think I had already tried that.
To check, I edited the destination system's /etc/ssh/sshd_config file again to change it to:
[code]
# Ciphers and keying
Ciphers +des-cbc
[/code]
You're missing the leading 3, it's 3des (triple des).Quite so ... 8^/
... will also need MACs +hmac-sha1 ...
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 296 |
Nodes: | 16 (2 / 14) |
Uptime: | 83:52:08 |
Calls: | 6,658 |
Calls today: | 4 |
Files: | 12,203 |
Messages: | 5,333,527 |
Posted today: | 1 |