LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Problem connecting with Putty to ssh-server (https://www.linuxquestions.org/questions/linux-newbie-8/problem-connecting-with-putty-to-ssh-server-4175437965/)

peng12 11-20-2012 09:32 AM
Problem connecting with Putty to ssh-server
 
Hello,

I've compiled the latest openssh-6.1p1 version from source on a debian 6 x64 machine.

The relevant part in my sshd_config:

Quote:
KexAlgorithms ecdh-sha2-nistp521
When I try to connect to the machine (Windows 8, Putty 0.62) I get an error message:

Quote:
Couldn't agree a key exchange algorithm
(available: ecdh-sha2-nistp521)
What am I doing wrong?
Maybe this algorithm isn't supported by Putty 0.62?

Thanks
peng

acid_kewpie 11-20-2012 09:49 AM
as per the KEX section of the pputty gui, it supports diffie-hellman-group-exchange-sha1, diffie-hellman-group14-sha1 and diffie-hellman-group1-sha1, not ecdh-sha2-nistp521

goossen 11-20-2012 09:49 AM
From the "PuTTY User Manual"
Quote:
PuTTY currently supports the following varieties of Diffie-Hellman key exchange:

‘Group 14’: a well-known 2048-bit group.
‘Group 1’: a well-known 1024-bit group. This is less secure than group 14, but may be faster with slow client or server machines, and may be the only method supported by older server software.
‘Group exchange’: with this method, instead of using a fixed group, PuTTY requests that the server suggest a group to use for key exchange; the server can avoid groups known to be weak, and possibly invent new ones over time, without any changes required to PuTTY's configuration. We recommend use of this method, if possible.

In addition, PuTTY supports RSA key exchange, which requires much less computational effort on the part of the client, and somewhat less on the part of the server, than Diffie-Hellman key exchange.

tekhead2 11-20-2012 09:49 AM
I did some digging and looking at the supported key exchange algorithms by putty and the one your trying to use isn't really showing up. Have you tried the nightly builds of putty, they may have some added support for this version.

acid_kewpie 11-20-2012 09:53 AM
Quote:
Originally Posted by goossen (Post 4833336)
From the "PuTTY User Manual"
They aren't Key Exchange algorithms, they are encryption algorithms... adn then you edited your post...

tekhead2 11-20-2012 09:59 AM
See I thought that it was a key exchange BEFORE the encryption to start the encrypted session. Thus the name KEXAlgorithm its a Key EXchange algorithm to security transmit the actual keys for encryption before the data is passed, so by definition they are key exchange algorithms


All times are GMT -5. The time now is 08:50 PM.