You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014
Here is a printout of ssh -Tv github.com when I use your suggested github configuration in /etc/ssh/ssh_config:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/<>/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: /home/<>/.ssh/config line 38: Applying options for github.procure
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/mmangione/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for github.com
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Connecting to github.com [192.30.252.130] port 22.
debug1: Connection established.
debug1: identity file /home/<>/.ssh/id_rsa type 1
debug1: identity file /home/<>/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version libssh-0.6.0
debug1: no match: libssh-0.6.0
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-ctr hmac-sha2-512 none
debug1: kex: client->server aes256-ctr hmac-sha2-512 none
Unable to negotiate a key exchange method
Here is a printout of the KexMethod lines commented out in /etc/ssh/ssh_config:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/<>/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: /home/<>/.ssh/config line 38: Applying options for github.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/<>/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for github.com
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Connecting to github.com [192.30.252.129] port 22.
debug1: Connection established.
debug1: identity file /home/<>/.ssh/id_rsa type 1
debug1: identity file /home/<>/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version libssh-0.6.0
debug1: no match: libssh-0.6.0
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-ctr hmac-sha2-512 none
debug1: kex: client->server aes256-ctr hmac-sha2-512 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /home/<>/.ssh/known_hosts:42
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/<>/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: <>
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: id_rsa2
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
Which is the expected output for a successful connection. Any thoughts?
Why am I being forced to use ECDH as a kex method?
The text was updated successfully, but these errors were encountered:
I had the same issue. /etc/ssh/ssh_config says that all options are changed only once, so the first time you change KexAlgorithms under HostName *, it's valid for all else. The solution is to move your HostName * block with default options to the end of the .ssh/config file. Then the Host github.com block will override the default settings.
OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014
Here is a printout of
ssh -Tv github.com
when I use your suggested github configuration in /etc/ssh/ssh_config:OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/<>/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: /home/<>/.ssh/config line 38: Applying options for github.procure
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/mmangione/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for github.com
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Connecting to github.com [192.30.252.130] port 22.
debug1: Connection established.
debug1: identity file /home/<>/.ssh/id_rsa type 1
debug1: identity file /home/<>/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version libssh-0.6.0
debug1: no match: libssh-0.6.0
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-ctr hmac-sha2-512 none
debug1: kex: client->server aes256-ctr hmac-sha2-512 none
Unable to negotiate a key exchange method
Here is a printout of the KexMethod lines commented out in /etc/ssh/ssh_config:
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/<>/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: /home/<>/.ssh/config line 38: Applying options for github.com
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/<>/.ssh/config
debug1: /home/<>/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for github.com
debug1: /etc/ssh/ssh_config line 24: Applying options for *
debug1: Connecting to github.com [192.30.252.129] port 22.
debug1: Connection established.
debug1: identity file /home/<>/.ssh/id_rsa type 1
debug1: identity file /home/<>/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: Remote protocol version 2.0, remote software version libssh-0.6.0
debug1: no match: libssh-0.6.0
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes256-ctr hmac-sha2-512 none
debug1: kex: client->server aes256-ctr hmac-sha2-512 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
debug1: Host 'github.com' is known and matches the RSA host key.
debug1: Found key in /home/<>/.ssh/known_hosts:42
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/<>/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: <>
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: id_rsa2
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
Which is the expected output for a successful connection. Any thoughts?
Why am I being forced to use ECDH as a kex method?
The text was updated successfully, but these errors were encountered: