[Freedos-user] Some struggle with SSH2DOS (solved)

Ulrich Hansen Sat, 06 May 2017 21:31:07 -0700

From: Ulrich Hansen <my.gr...@mailbox.org>


Hi all,

Thanks to Jerome, there is now SSH2DOS in the FreeDOS net repo, which is great!

Unfortunately even this free SSH client is getting a bit rusty, the latest
version is 11 years old.

As I found out, it wouldnrCOt connect to my server (Ubuntu 16.04 LTS).
But it still connected fine to a Debian Wheezy machine.

In the end I found the problem: OpenSSH versions >=6.7 have disabled a
necessary KexAlgorithm and a Cipher.

Here is a report. I also posted it on the SSH2DOS page on SourceForge.

Hope this helps others eventually...
Ulrich



1. The solution:

Add the following lines to /etc/ssh/sshd_config on the server:

Ciphers aes128-cbc
KexAlgorithms diffie-hellman-group-exchange-sha1


2. The problem:

SSH2DOS works fine with a Debian Wheezy machine with OpenSSH 6.0.

But it does not connect to a Debian 8 machine with OpenSSH 6.7.
It also does not connect to a Ubuntu 16.04 server with OpenSSH 7.2.

SSH2DOS gives the following error code:

C:\> ssh2d386 username 192.168.1.136
SSH2DOS v0.2.1. 386+ version
Remote host closed connection
DH key exchange failed
Socket write error. File: transprt.c, line:698
Remote reset connection

On the server /var/log/auth.log says:
Jan 23 00:17:25 debian8 sshd [1883]: fatal: Unable to negotiate a key exchange
method [preauth]

SSH2D386 with the -d option writes the following DEBUG.PKT:


-------------------

RECEIVED packet:
14 63 99 7B 69 DA 8E 90 00 02 0A 69 D1 32 93 26
E1 00 00 00 96 63 75 72 76 65 32 35 35 31 39 2D
73 68 61 32 35 36 40 6C 69 62 73 73 68 2E 6F 72
67 2C 65 63 64 68 2D 73 68 61 32 2D 6E 69 73 74
70 32 35 36 2C 65 63 64 68 2D 73 68 61 32 2D 6E
69 73 74 70 33 38 34 2C 65 63 64 68 2D 73 68 61
32 2D 6E 69 73 74 70 35 32 31 2C 64 69 66 66 69
65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 70 2D
65 78 63 68 61 6E 67 65 2D 73 68 61 32 35 36 2C
64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67
72 6F 75 70 31 34 2D 73 68 61 31 00 00 00 41 73
73 68 2D 72 73 61 2C 72 73 61 2D 73 68 61 32 2D
35 31 32 2C 72 73 61 2D 73 68 61 32 2D 32 35 36
2C 65 63 64 73 61 2D 73 68 61 32 2D 6E 69 73 74
70 32 35 36 2C 73 73 68 2D 65 64 32 35 35 31 39
00 00 00 6C 63 68 61 63 68 61 32 30 2D 70 6F 6C
79 31 33 30 35 40 6F 70 65 6E 73 73 68 2E 63 6F
6D 2C 61 65 73 31 32 38 2D 63 74 72 2C 61 65 73
31 39 32 2D 63 74 72 2C 61 65 73 32 35 36 2D 63
74 72 2C 61 65 73 31 32 38 2D 67 63 6D 40 6F 70
65 6E 73 73 68 2E 63 6F 6D 2C 61 65 73 32 35 36
2D 67 63 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D
00 00 00 6C 63 68 61 63 68 61 32 30 2D 70 6F 6C
79 31 33 30 35 40 6F 70 65 6E 73 73 68 2E 63 6F
6D 2C 61 65 73 31 32 38 2D 63 74 72 2C 61 65 73
31 39 32 2D 63 74 72 2C 61 65 73 32 35 36 2D 63
74 72 2C 61 65 73 31 32 38 2D 67 63 6D 40 6F 70
65 6E 73 73 68 2E 63 6F 6D 2C 61 65 73 32 35 36
2D 67 63 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D
00 00 00 D5 75 6D 61 63 2D 36 34 2D 65 74 6D 40
6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 75 6D 61 63
2D 31 32 38 2D 65 74 6D 40 6F 70 65 6E 73 73 68
2E 63 6F 6D 2C 68 6D 61 63 2D 73 68 61 32 2D 32
35 36 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63
6F 6D 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 32
2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D
2C 68 6D 61 63 2D 73 68 61 31 2D 65 74 6D 40 6F
70 65 6E 73 73 68 2E 63 6F 6D 2C 75 6D 61 63 2D
36 34 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 75
6D 61 63 2D 31 32 38 40 6F 70 65 6E 73 73 68 2E
63 6F 6D 2C 68 6D 61 63 2D 73 68 61 32 2D 32 35
36 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 2C
68 6D 61 63 2D 73 68 61 31 00 00 00 D5 75 6D 61
63 2D 36 34 2D 65 74 6D 40 6F 70 65 6E 73 73 68
2E 63 6F 6D 2C 75 6D 61 63 2D 31 32 38 2D 65 74
6D 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D
61 63 2D 73 68 61 32 2D 32 35 36 2D 65 74 6D 40
6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63
2D 73 68 61 32 2D 35 31 32 2D 65 74 6D 40 6F 70
65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61 63 2D 73
68 61 31 2D 65 74 6D 40 6F 70 65 6E 73 73 68 2E
63 6F 6D 2C 75 6D 61 63 2D 36 34 40 6F 70 65 6E
73 73 68 2E 63 6F 6D 2C 75 6D 61 63 2D 31 32 38
40 6F 70 65 6E 73 73 68 2E 63 6F 6D 2C 68 6D 61
63 2D 73 68 61 32 2D 32 35 36 2C 68 6D 61 63 2D
73 68 61 32 2D 35 31 32 2C 68 6D 61 63 2D 73 68
61 31 00 00 00 15 6E 6F 6E 65 2C 7A 6C 69 62 40
6F 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 15 6E
6F 6E 65 2C 7A 6C 69 62 40 6F 70 65 6E 73 73 68
2E 63 6F 6D 00 00 00 00 00 00 00 00 00 00 00 00
00
..c.{i......i.2.&
......curve25519-
sha...@libssh.or
g,ecdh-sha2-nist
p256,ecdh-sha2-n
istp384,ecdh-sha
2-nistp521,diffi
e-hellman-group-
exchange-sha256,
diffie-hellman-g
roup14-sha1...As
sh-rsa,rsa-sha2-
512,rsa-sha2-256
,ecdsa-sha2-nist
p256,ssh-ed25519
....lchacha20-pol
y1...@openssh.co
m,aes128-ctr,aes
192-ctr,aes256-c
tr,aes128-gcm@op
enssh.com,aes256
-g...@openssh.com
....lchacha20-pol
y1...@openssh.co
m,aes128-ctr,aes
192-ctr,aes256-c
tr,aes128-gcm@op
enssh.com,aes256
-g...@openssh.com
.....umac-64-etm@
openssh.com,umac
-128-etm@openssh
..com,hmac-sha2-2
56-etm@openssh.c
om,hmac-sha2-512
-e...@openssh.com
,hmac-sha1-etm@o
penssh.com,umac-
6...@openssh.com,u
mac-128@openssh.
com,hmac-sha2-25
6,hmac-sha2-512,
hmac-sha1....uma
c-64-etm@openssh
..com,umac-128-et
m...@openssh.com,hm
ac-sha2-256-etm@
openssh.com,hmac
-sha2-512-etm@op
enssh.com,hmac-s
ha1-etm@openssh.
com,umac-64@open
ssh.com,umac-128
@openssh.com,hma
c-sha2-256,hmac-
sha2-512,hmac-sh
a1....none,zlib@
openssh.com....n
one,zlib@openssh
..com............
..

SENT packet:
14 8D 73 ED D0 96 BE 48 9A 89 61 74 E7 41 14 CE
FC 00 00 00 22 64 69 66 66 69 65 2D 68 65 6C 6C
6D 61 6E 2D 67 72 6F 75 70 2D 65 78 63 68 61 6E
67 65 2D 73 68 61 31 00 00 00 07 73 73 68 2D 64
73 73 00 00 00 0A 61 65 73 31 32 38 2D 63 62 63
00 00 00 0A 61 65 73 31 32 38 2D 63 62 63 00 00
00 09 68 6D 61 63 2D 73 68 61 31 00 00 00 09 68
6D 61 63 2D 73 68 61 31 00 00 00 09 6E 6F 6E 65
2C 7A 6C 69 62 00 00 00 09 6E 6F 6E 65 2C 7A 6C
69 62 00 00 00 00 00 00 00 00 00 00 00 00 00
...s....H..at.A..
....."diffie-hell
man-group-exchan
ge-sha1....ssh-d
ss....aes128-cbc
.....aes128-cbc..
...hmac-sha1....h
mac-sha1....none
,zlib....none,zl
ib.............

SENT packet:
1E 00 00 04 00
......

SENT packet:
62 00 00 00 00 00 00 00 07 70 74 79 2D 72 65 71
01 00 00 00 05 78 74 65 72 6D 00 00 00 50 00 00
00 18 00 00 00 00 00 00 00 00 00 00 00 00
b........pty-req
......xterm...P..
...............
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Freedos-user mailing list
Freedos-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-user

--- Internet Rex 2.29
 * Origin: capcity2.synchro.net - 502/875-8938 (276:10/901)
--- Synchronet 3.15a-Linux ListGate 1.3
 *  Capitol City Online - Frankfort, KY - telnet://capitolcityonline.net


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Freedos-user mailing list
Freedos-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-user

[Freedos-user] Some struggle with SSH2DOS (solved)

Reply via email to