Hi, Well in Twisted checked out directly from GitHub, this seems to work:
ssh -vv -oKexAlgorithms=ecdh-sha2-nistp256 -oMACs=hmac-sha2-512 user@localhost and these fail: ssh -vv -oKexAlgorithms=diffie-hellman-group1-sha1 -oMACs=hmac-sha2-512 user@localhost ssh -vv -oKexAlgorithms=diffie-hellman-group14-sha1 -oMACs=hmac-sha2-512 user@localhost ssh -vv -oKexAlgorithms=ecdh-sha2-nistp384 -oMACs=hmac-sha2-512 user@localhost ssh -vv -oKexAlgorithms=ecdh-sha2-nistp521 -oMACs=hmac-sha2-512 user@localhost -- Craig On Thu, Dec 29, 2016 at 4:47 AM, 陈健 <chenjianhappy2...@126.com> wrote: > hi, > Yes, you are right. ssh -vv -oKexAlgorithms=diffie-hellman-group14-sha1 > -oMACs=hmac-sha2-512 user@localhost > against a Twisted ssh server, and i saw the problem. The reason is that > twisted(16.6.0) is not supported the diffie-hellman-group14-sha1 and > ecdh-sha512-nistp512 > key exchange algorithms well, right ? > > -- > > JianChen > > > At 2016-12-29 16:06:55, "Craig Rodrigues" <rodr...@crodrigues.org> wrote: > > Abhishek Choudhary pointed out to me that you can reproduce this problem > easily, even with OpenSSH client. > Look at https://twistedmatrix.com/trac/ticket/8258 > > and do: > > ssh -vv -oKexAlgorithms=diffie-hellman-group14-sha1 -oMACs=hmac-sha2-512 > user@localhost > > against a Twisted ssh server, and you will see the problem. > > > -- > > Craig > > > > On Thu, Dec 29, 2016 at 1:17 AM, 陈健 <chenjianhappy2...@126.com> wrote: > >> >> hi, >> Yes, your understanding is correct. I must set the hmac-sha2-512 >> option unable with SecureCRT, it will be OK. I searched Google for a long >> time, still did not find the any clues! >> >> Twisted Server + OpenSSH client == WORKS >> Twisted Server + Xshell client == WORKS >> OpenSSH Server + SecureCRT client == WORKS >> Twisted Server + SecureCRT client == FAIL >> >> -- >> JianChen >> >> >> 在 2016-12-29 12:35:57,"Craig Rodrigues" <rodr...@crodrigues.org> 写道: >> >> Hi, >> >> Is this what you are saying: >> >> Twisted Server + OpenSSH client == WORKS >> Twisted Server + Xshell client == WORKS >> OpenSSH Server + SecureCRT client == WORKS >> Twisted Server + SecureCRT client == FAIL >> >> ?? >> >> I don't have SecureCRT client, so don't know the solution to this problem. >> >> You might want to try searching the SecureCRT site and see if there are >> any clues >> there: >> >> https://goo.gl/UkKZvI >> >> -- >> Craig >> >> On Wed, Dec 28, 2016 at 9:39 PM, 陈健 <chenjianhappy2...@126.com> wrote: >> >>> >>> >>> hi: >>> Oh, I'm sorry, It is my server-side code has bugs with >>> Twisted(16.6.0) Conch, that i have fixed it . But 'Message >>> Authentication Code did not verify (packet #3)' error will occurs with >>> the SecureCRT(8.0.0 or 7.3.4) client. If I connect OpenSSH_5.3p1 (or >>> OpenSSH_6.6.1p1 ) sshd server through the SecureCRT client, it is fine. >>> Of course, if I connect Twisted SSH server by using the Xshell client with >>> hmac-sha2-512 options or “ssh -m hmac-sha2-512”,it is OK. I do not >>> know if it is SecureCRT client bug or twisted problem. >>> *http://stackoverflow.com/questions/41296412/securecrt-hmac-sha2-512-message-authentication-code-did-not-verify-packet-3 >>> <http://stackoverflow.com/questions/41296412/securecrt-hmac-sha2-512-message-authentication-code-did-not-verify-packet-3>* >>> >>> >> >> >> > > > > >
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
