owl700 at gmail.com
2018-Nov-23 11:23 UTC
Debian Stretch 9.6: openssh-server and old dropbear client don't work together
On Thu 22 Nov 2018 at 21:24 Stuart Henderson <stu at spacehopper.org> wrote:
>
> On 2018/11/22 19:55, owl700 at gmail.com wrote:
> > Hi, I have compatibility issues with the latest version of
> > openssh-server and an old dropbear client, the dropbear client stops at
> > preauth
> >
> > ov 22 14:34:03 myhostname sshd[3905]: debug1: Client protocol version
> > 2.0; client software version dropbear_0.46
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: no match: dropbear_0.46
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: Local version string
> > SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: Enabling compatibility
> > mode for protocol 2.0
> > Nov 22 14:34:03 myhostname sshd[3905]: debug2: fd 3 setting O_NONBLOCK
> > Nov 22 14:34:03 myhostname sshd[3905]: debug2: Network child is on pid 3906
> > Nov 22 14:34:03 myhostname sshd[3905]: debug3: preauth child monitor started
> > Nov 22 14:34:03 myhostname sshd[3905]: debug3: privsep user:group
> > 106:65534 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: permanently_set_uid:
> > 106/65534 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: list_hostkey_types:
> > ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug3: send packet: type 20 [preauth]
> > Nov 22 14:34:03 myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]
> >
> > Can you help?
>
> That ~13-year-old version of dbclient only has weak key exchange methods -
> diffie-hellman-group1-sha1, "OpenSSH supports this method, but does not
> enable it by default because is weak and within theoretical range of the
> so-called Logjam attack" and diffie-hellman-group1-dss, disabled by default
> in OpenSSH in 2015.
>
> Also only weak CBC-mode ciphers, disabled by default in 2014.
>
> The right answer is to run a newer client.
>
> If there's no way to do that, least worst is probably to connect to
> a jump host on the LAN (locked-down as much as possible), running
> modern OpenSSH sshd but with weak kex/ciphers enabled, in this
> case you could use something like
>
> KexAlgorithms +diffie-hellman-group1-sha1
> Ciphers +aes128-cbc
>
> This is still not recommended, but at least you could keep the weak
> crypto off the internet this way.

Thanks Stuart

I have tried to use the right KexAlgorithms and Ciphers, but the dropbear
client always fails

myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]

There aren't other debug messages

Only for test purposes I have added all the options I can in
/etc/sshd_config, but nothing, what am I doing wrong?

Ciphers 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
HostbasedAcceptedKeyTypes ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
HostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha256@libssh.org
MACs hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com
PubkeyAcceptedKeyTypes ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
Stuart Henderson
2018-Nov-23 13:04 UTC
Debian Stretch 9.6: openssh-server and old dropbear client don't work together
On 2018/11/23 12:23, owl700 at gmail.com wrote:
> On Thu 22 Nov 2018 at 21:24 Stuart Henderson
> <stu at spacehopper.org> wrote:
> >
> > On 2018/11/22 19:55, owl700 at gmail.com wrote:
> > > Hi, I have compatibility issues with the latest version of
> > > openssh-server and an old dropbear client, the dropbear client stops at
> > > preauth
> > >
> > > ov 22 14:34:03 myhostname sshd[3905]: debug1: Client protocol version
> > > 2.0; client software version dropbear_0.46
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: no match: dropbear_0.46
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: Local version string
> > > SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: Enabling compatibility
> > > mode for protocol 2.0
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug2: fd 3 setting O_NONBLOCK
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug2: Network child is on pid 3906
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug3: preauth child monitor started
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug3: privsep user:group
> > > 106:65534 [preauth]
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: permanently_set_uid:
> > > 106/65534 [preauth]
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: list_hostkey_types:
> > > ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256 [preauth]
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug3: send packet: type 20 [preauth]
> > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]
> > >
> > > Can you help?
> >
> > That ~13-year-old version of dbclient only has weak key exchange methods -
> > diffie-hellman-group1-sha1, "OpenSSH supports this method, but does not
> > enable it by default because is weak and within theoretical range of the
> > so-called Logjam attack" and diffie-hellman-group1-dss, disabled by default
> > in OpenSSH in 2015.
> >
> > Also only weak CBC-mode ciphers, disabled by default in 2014.
> >
> > The right answer is to run a newer client.
> >
> > If there's no way to do that, least worst is probably to connect to
> > a jump host on the LAN (locked-down as much as possible), running
> > modern OpenSSH sshd but with weak kex/ciphers enabled, in this
> > case you could use something like
> >
> > KexAlgorithms +diffie-hellman-group1-sha1
> > Ciphers +aes128-cbc
> >
> > This is still not recommended, but at least you could keep the weak
> > crypto off the internet this way.
>
> Thanks Stuart
>
> I have tried to use the right KexAlgorithms and Ciphers, but the dropbear
> client always fails
>
> myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]
>
> There aren't other debug messages
>
> Only for test purposes I have added all the options I can in
> /etc/sshd_config, but nothing, what am I doing wrong?
>
> Ciphers 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
> HostbasedAcceptedKeyTypes
> ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
> HostKeyAlgorithms
> ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
> KexAlgorithms
> diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha256@libssh.org
> MACs hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com
> PubkeyAcceptedKeyTypes
> ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com

Not sure, but I *was* able to connect from dropbear 0.46 dbclient
with just the two lines I mentioned added to sshd_config (and config
reloaded of course).

When things didn't match up I did have error messages displayed by
the client, which are likely to be more useful than server-side messages
in this case.
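Stuart's two `+` lines work because OpenSSH's `+` prefix appends the named algorithms to the default list instead of replacing it, and the client's preference order then finds a match. The following Python model of that negotiation is an added example, not code from the thread or from OpenSSH; its server default lists are constructed approximations of an OpenSSH 7.4 sshd, and its client lists are constructed from what the thread says about dropbear_0.46.

```python
# Added example, not code from the thread: a model of the SSH algorithm
# negotiation of RFC 4253 section 7.1 over constructed KEXINIT name-lists,
# plus OpenSSH's "+name"/"-name" syntax for KexAlgorithms and Ciphers.
# The default lists below are constructed approximations (assumption) of an
# OpenSSH 7.4 sshd; the client lists model what the thread says about
# dropbear_0.46 (only diffie-hellman-group1-sha1 and CBC-mode ciphers).
SERVER_DEFAULT_KEX = [
    "curve25519-sha256", "curve25519-sha256@libssh.org",
    "ecdh-sha2-nistp256", "ecdh-sha2-nistp384", "ecdh-sha2-nistp521",
    "diffie-hellman-group-exchange-sha256",
    "diffie-hellman-group16-sha512", "diffie-hellman-group18-sha512",
    "diffie-hellman-group14-sha256", "diffie-hellman-group14-sha1",
]
SERVER_DEFAULT_CIPHERS = [
    "chacha20-poly1305@openssh.com", "aes128-ctr", "aes192-ctr",
    "aes256-ctr", "aes128-gcm@openssh.com", "aes256-gcm@openssh.com",
]
OLD_CLIENT_KEX = ["diffie-hellman-group1-sha1"]
OLD_CLIENT_CIPHERS = ["aes128-cbc", "3des-cbc"]

def apply_directive(defaults, value):
    """Expand a KexAlgorithms/Ciphers value as OpenSSH does: a leading '+'
    appends the names to the defaults (so modern clients keep preferring the
    strong entries), a leading '-' removes them, a bare list replaces all."""
    if value[:1] == "+":
        extra = value[1:].split(",")
        return defaults + [n for n in extra if n not in defaults]
    if value[:1] == "-":
        return [n for n in defaults if n not in value[1:].split(",")]
    return value.split(",")

def negotiate(client, server):
    """RFC 4253 7.1: pick the first algorithm in the client's preference
    order that the server also offers; None means no common algorithm, and
    the handshake dies right after SSH2_MSG_KEXINIT as in the posted log."""
    return next((a for a in client if a in server), None)

def outcome(kex_value=None, cipher_value=None):
    """Negotiate kex and cipher for the old client against an sshd whose
    sshd_config carries the given directive values (None = stock defaults)."""
    kex = apply_directive(SERVER_DEFAULT_KEX, kex_value) if kex_value else SERVER_DEFAULT_KEX
    ciph = (apply_directive(SERVER_DEFAULT_CIPHERS, cipher_value)
            if cipher_value else SERVER_DEFAULT_CIPHERS)
    return negotiate(OLD_CLIENT_KEX, kex), negotiate(OLD_CLIENT_CIPHERS, ciph)

if __name__ == "__main__":
    print("stock sshd:", outcome())  # (None, None): nothing in common
    print("with + lines:", outcome("+diffie-hellman-group1-sha1", "+aes128-cbc"))
```

Because `+` appends at the end of the list, a modern client that offers curve25519-sha256 still negotiates that on the same jump host; only a client with nothing better falls through to the weak group1 method.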
owl700 at gmail.com
2018-Nov-23 16:03 UTC
Debian Stretch 9.6: openssh-server and old dropbear client don't work together
On Fri 23 Nov 2018 at 14:04 Stuart Henderson <stu at spacehopper.org> wrote:
>
> On 2018/11/23 12:23, owl700 at gmail.com wrote:
> > On Thu 22 Nov 2018 at 21:24 Stuart Henderson
> > <stu at spacehopper.org> wrote:
> > >
> > > On 2018/11/22 19:55, owl700 at gmail.com wrote:
> > > > Hi, I have compatibility issues with the latest version of
> > > > openssh-server and an old dropbear client, the dropbear client stops at
> > > > preauth
> > > >
> > > > ov 22 14:34:03 myhostname sshd[3905]: debug1: Client protocol version
> > > > 2.0; client software version dropbear_0.46
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: no match: dropbear_0.46
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: Local version string
> > > > SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u4
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: Enabling compatibility
> > > > mode for protocol 2.0
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug2: fd 3 setting O_NONBLOCK
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug2: Network child is on pid 3906
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug3: preauth child monitor started
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug3: privsep user:group
> > > > 106:65534 [preauth]
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: permanently_set_uid:
> > > > 106/65534 [preauth]
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: list_hostkey_types:
> > > > ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256 [preauth]
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug3: send packet: type 20 [preauth]
> > > > Nov 22 14:34:03 myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]
> > > >
> > > > Can you help?
> > >
> > > That ~13-year-old version of dbclient only has weak key exchange methods -
> > > diffie-hellman-group1-sha1, "OpenSSH supports this method, but does not
> > > enable it by default because is weak and within theoretical range of the
> > > so-called Logjam attack" and diffie-hellman-group1-dss, disabled by default
> > > in OpenSSH in 2015.
> > >
> > > Also only weak CBC-mode ciphers, disabled by default in 2014.
> > >
> > > The right answer is to run a newer client.
> > >
> > > If there's no way to do that, least worst is probably to connect to
> > > a jump host on the LAN (locked-down as much as possible), running
> > > modern OpenSSH sshd but with weak kex/ciphers enabled, in this
> > > case you could use something like
> > >
> > > KexAlgorithms +diffie-hellman-group1-sha1
> > > Ciphers +aes128-cbc
> > >
> > > This is still not recommended, but at least you could keep the weak
> > > crypto off the internet this way.
> >
> > Thanks Stuart
> >
> > I have tried to use the right KexAlgorithms and Ciphers, but the dropbear
> > client always fails
> >
> > myhostname sshd[3905]: debug1: SSH2_MSG_KEXINIT sent [preauth]
> >
> > There aren't other debug messages
> >
> > Only for test purposes I have added all the options I can in
> > /etc/sshd_config, but nothing, what am I doing wrong?
> >
> > Ciphers 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
> > HostbasedAcceptedKeyTypes
> > ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
> > HostKeyAlgorithms
> > ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
> > KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,curve25519-sha256@libssh.org
> > MACs hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-md5-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com
> > PubkeyAcceptedKeyTypes
> > ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com
>
> Not sure, but I *was* able to connect from dropbear 0.46 dbclient
> with just the two lines I mentioned added to sshd_config (and config
> reloaded of course).
>
> When things didn't match up I did have error messages displayed by
> the client, which are likely to be more useful than server-side messages
> in this case.

I have installed debian 8.11 with SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u7
With this SSH version, and the 2 lines, the dropbear 0.46 client works
Thanks