bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-10 03:14 UTC
[Bug 2461] New: Source IP missing in log when no suitable key exchange method found
https://bugzilla.mindrot.org/show_bug.cgi?id=2461
Bug ID: 2461
Summary: Source IP missing in log when no suitable key exchange
method found
Product: Portable OpenSSH
Version: 6.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: karl at xtronics.com
Log entries such as these lack the attackers IP address
When unneeded ciphers/macs/KexAlgorithms are removed -- we get:
Jan 12 20:17:28 <<REMOVED>> sshd[8888]: fatal: Unable to negotiate a
key exchange method [preauth]
Jan 12 20:19:16 <<REMOVED>> sshd[8890]: fatal: Unable to negotiate a
key exchange method [preauth]
This prevents fail2ban and others from doing some useful attack
mitigation.
Also see:
http://lists.mindrot.org/pipermail/openssh-unix-dev/2015-January/033328.html
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-10 06:47 UTC
[Bug 2461] Source IP missing in log when no suitable key exchange method found
https://bugzilla.mindrot.org/show_bug.cgi?id=2461
Jakub Jelen <jjelen at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jjelen at redhat.com
--- Comment #1 from Jakub Jelen <jjelen at redhat.com> ---
I believe this is fixed in current openssh 7.1. I see in log:
Sep 10 08:42:12 localhost sshd[26793]: fatal: Unable to negotiate with
192.168.100.243: no matching key exchange method found. Their offer:
diffie-hellman-group-exchange-sha1 [preauth]
Upstream commit:
https://anongit.mindrot.org/openssh.git/commit/?id=f319912b0d0e1675b8bb051ed8213792c788bcb2
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Sep-11 03:22 UTC
[Bug 2461] Source IP missing in log when no suitable key exchange method found
https://bugzilla.mindrot.org/show_bug.cgi?id=2461
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
Yes, this was fixed in 7.0
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Aug-02 00:41 UTC
[Bug 2461] Source IP missing in log when no suitable key exchange method found
https://bugzilla.mindrot.org/show_bug.cgi?id=2461
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Close all resolved bugs after 7.3p1 release
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Reasonably Related Threads
- [Bug 2746] New: RFE: Allow to disable SHA1 signatures for RSA
- [Bug 3184] New: Unable to add deprecated KexAlgorithms back for host via config file
- [Bug 2415] New: Public key failures are not counted and therefore not logged into syslog
- [Bug 2605] New: ssh-keyscan generates errors in /var/log/secure
- [Bug 3190] New: Inconsistent handling of private keys without accompanying public keys