[winswitch] Issue 270: Winswitch unable to connect over ssh from MS Windows to server running openssh 6.7

Fabian Ritzmann frtrack-winswitch at yahoo.com
Tue Aug 18 08:49:10 BST 2015


Hi,

Since I am Trac-impaired (see my previous email to this mailing list), I am sending my comments via email. I was trying to connect from a MacBook with Winswitch 0.12.21-r5329 to an Arch Linux server running OpenSSH 7.0p1. The SSH server is refusing the connection with this error message:

sshd[20761]: fatal: Unable to negotiate with 10.128.133.54: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 [preauth]

This looks like the same issue that this Windows user reported in <https://winswitch.org/trac/ticket/270> with OpenSSH 6.7. The suggested work-around in the issue is to reenable the DH SHA1 key exchange, which I don't consider an option because it compromises security and exposes the host to the Logjam attack.

I would hope that this issue gets more traction because it is an issue with any secure installation of OpenSSH and not specific to the Windows Winswitch client.

Fabian



More information about the shifter-users mailing list