Hi,
All ciphers provided by your client are insecure: RC4 is insecure, CBC mode
of operation is insecure, client does not provide anything else.
GCM is not supported by libssh2. CTR is not supported by wincng, though I
think I saw some code to emulate it on top of ECB, wonder why it didn't
work for you. I can't comment on chacha, but it may also be unimplemented
in libssh2.
Regards,
Daniel
wt., 26 mar 2019 o 00:34 William Shipley <william_at_schuylerhouse.com>
napisał(a):
> I've built libssh2 with wincng and have been testing with the CrushFTP
> server. All has been working smoothly. In trying to install my software at
> a
> client site, they are attempting to use AWS SFTP service. When performing
> the libssh2_session_handshake I am failing with a KEX error.
>
> A log from the server indicates:
>
> Mar 25 13:58:14 pathlabsrv sshd[4988]: fatal: no matching cipher found:
> client
> aes256-cbc,rijndael-cbc_at_lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc
>
> server
> aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm_at_openssh.com,
> aes256-gcm_at_openssh.com,chacha20-poly1305_at_openssh.com
> [preauth]
>
> And, indeed, we do not have a matching cipher. I would have expected
> Windows
> cryptography to be generally 'vanilla' and I would have expected Amazon to
> support pretty much anything. From my limited experience they seem to have
> used Open SSH.
>
> Has anyone encountered this? Can anyone give me guidance?
>
> Wm
>
> -----Original Message-----
> From: Daniel Stenberg
> Sent: Monday, March 25, 2019 12:37 PM
> To: libssh2 development
> Subject: RELEASE: libssh2 1.8.2
>
> Hi!
>
> I'm happy to announce a small update to the previous release as we managed
> to
> get a little hiccup included. Here's 1.8.2!
>
> Get it from https://www.libssh2.org/ as always!
>
> libssh2 1.8.2
>
> This release includes the following bugfixes:
>
> o Fixed the misapplied userauth patch that broke 1.8.1
> o moved the MAX size declarations from the public header
>
> This release would not have looked like this without help, code, reports
> and
> advice from friends like these:
>
> Will Cosgrove
> (1 contributors)
>
> --
>
> / daniel.haxx.se
> _______________________________________________
> libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
>
> _______________________________________________
> libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
>
_______________________________________________
libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2019-03-26