[SOLVED] How to access a SSH server with diffie-hellman-group1-sha1 ?

Xeratul · 12-24-2022, 12:13 AM

Hello,

On a running debian machine, I try to access an old PC with SSH.

Code:

pi@debian:~ $ ssh linux@192.168.1.21

Unable to negotiate with 192.168.1.21 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

pi@debian:~ $

How to get that ssh working?

Xeratul · 12-24-2022, 12:18 AM

ROOT:

1.) Add this to /etc/ssh/ssh_config

KexAlgorithms diffie-hellman-group1-sha1
# ,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
# Ciphers 3des-cbc,blowfish-cbc,aes128-cbc,aes128-ctr,aes256-ctr
Ciphers aes128-cbc

2.) service ssh restart

user:

3.) rm -rf ~/.ssh

4.) ssh ... and it works.

Turbocapitalist · 12-24-2022, 02:42 AM

Quote:

Originally Posted by Xeratul

4.) ssh ... and it works.

For some definitions of "works". Which distro are you connecting to? There should be a more recent version of OpenSSH server in the backports repository so that you don't have to use insecure methods.