[erlang-questions] sshd self connect problems

Alexander Petrovsky askjuise@REDACTED
Thu Oct 4 23:13:08 CEST 2018


Hello, I've some strange problem, when I run ssh server and try to connect
to it from code on the same machine I've got an error:

Selection of key exchange algorithm failed

Server:

> ssh:daemon(Port, [{system_dir,            "/etc/ssh"},
>                               {subsystems,
>  [wm_ssh_sftp_ext:subsystem_spec(),
>
>  ssh_sftpd:subsystem_spec([{cwd, _CWD = "/"}])]},
>                               {user_passwords,    [{"user", "pass"}]}]).


Client:

> Opts = [{user, "user"},
>              {password, "pass"},
>              {silently_accept_hosts, true}],
> ssh:connect(Node, Port, Opts, _Timeout = 5000).


When I capture ssh traffic I find out that the server doesn't suggest
`host_key_algorithms`

                kex_algorithms length: 257
>                 kex_algorithms string [truncated]:
> ecdh-sha2-nistp384,ecdh-sha2-nistp521,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-grou
>                 server_host_key_algorithms length: 0
>                 server_host_key_algorithms string: [Empty]
>                 encryption_algorithms_client_to_server length: 98
>                 encryption_algorithms_client_to_server string:
> aes256-gcm@REDACTED,aes256-ctr,aes192-ctr,aes128-gcm@REDACTED
> ,aes128-ctr,aes128-cbc,3des-cbc
>                 encryption_algorithms_server_to_client length: 98
>                 encryption_algorithms_server_to_client string:
> aes256-gcm@REDACTED,aes256-ctr,aes192-ctr,aes128-gcm@REDACTED
> ,aes128-ctr,aes128-cbc,3des-cbc
>                 mac_algorithms_client_to_server length: 37
>                 mac_algorithms_client_to_server string:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1
>                 mac_algorithms_server_to_client length: 37
>                 mac_algorithms_server_to_client string:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1
>                 compression_algorithms_client_to_server length: 26
>                 compression_algorithms_client_to_server string: none,
> zlib@REDACTED,zlib
>                 compression_algorithms_server_to_client length: 26
>                 compression_algorithms_server_to_client string: none,
> zlib@REDACTED,zlib
>                 languages_client_to_server length: 0
>                 languages_client_to_server string: [Empty]
>                 languages_server_to_client length: 0
>                 languages_server_to_client string: [Empty]
>                 First KEX Packet Follows: 0
>                 Reserved: 00000000
>             Padding String: 21850013139a828f718a


But the client has some values:

                kex_algorithms length: 257
>                 kex_algorithms string [truncated]:
> ecdh-sha2-nistp384,ecdh-sha2-nistp521,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-grou
>                 server_host_key_algorithms length: 101
>                 server_host_key_algorithms string:
> ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ecdsa-sha2-nistp256,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss
>                 encryption_algorithms_client_to_server length: 98
>                 encryption_algorithms_client_to_server string:
> aes256-gcm@REDACTED,aes256-ctr,aes192-ctr,aes128-gcm@REDACTED
> ,aes128-ctr,aes128-cbc,3des-cbc
>                 encryption_algorithms_server_to_client length: 98
>                 encryption_algorithms_server_to_client string:
> aes256-gcm@REDACTED,aes256-ctr,aes192-ctr,aes128-gcm@REDACTED
> ,aes128-ctr,aes128-cbc,3des-cbc
>                 mac_algorithms_client_to_server length: 37
>                 mac_algorithms_client_to_server string:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1
>                 mac_algorithms_server_to_client length: 37
>                 mac_algorithms_server_to_client string:
> hmac-sha2-256,hmac-sha2-512,hmac-sha1
>                 compression_algorithms_client_to_server length: 26
>                 compression_algorithms_client_to_server string: none,
> zlib@REDACTED,zlib
>                 compression_algorithms_server_to_client length: 26
>                 compression_algorithms_server_to_client string: none,
> zlib@REDACTED,zlib
>                 languages_client_to_server length: 0
>                 languages_client_to_server string: [Empty]
>                 languages_server_to_client length: 0
>                 languages_server_to_client string: [Empty]
>                 First KEX Packet Follows: 0
>                 Reserved: 00000000
>             Padding String: 49945334a432cfa4a0371700f6


Could someone help me please resolve this problem?

-- 
Петровский Александр / Alexander Petrovsky,

Skype: askjuise
Phone: +7 931 9877991
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20181005/64312e38/attachment.htm>


More information about the erlang-questions mailing list