KeyExchangeError exception
belkir opened this issue · 12 comments
Bug reports
Steps to reproduce:
- Example code that produces error:
Python 3.8.3 (default, Jun 18 2020, 20:51:40)
[GCC 4.8.5 20150623 (Red Hat 4.8.5-39)] on linux
Type "help", "copyright", "credits" or "license" for more information.
import socket
from ssh2.session import Sessionhost = '10.10.11.121'
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.connect((host, 22))
session = Session()
session.handshake(sock)
Traceback (most recent call last):
File "", line 1, in
File "ssh2/session.pyx", line 105, in ssh2.session.Session.handshake
File "ssh2/utils.pyx", line 138, in ssh2.utils.handle_error_codes
ssh2.exceptions.KeyExchangeError
- ssh -vvv 10.10.11.121
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug2: resolving "10.10.11.121" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 10.10.11.121 [10.10.11.121] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x60000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.10.11.121:22 as 'root'
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys from 10.10.11.121
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-dss
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa
debug2: ciphers ctos: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: MACs stoc: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: diffie-hellman-group-exchange-sha1
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-cbc MAC: hmac-sha1 compression: none
debug1: kex: client->server cipher: aes128-cbc MAC: hmac-sha1 compression: none
debug1: kex: diffie-hellman-group-exchange-sha1 need=20 dh_need=20
debug1: kex: diffie-hellman-group-exchange-sha1 need=20 dh_need=20
debug3: send packet: type 34
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug3: receive packet: type 31
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 2011/4096
debug3: send packet: type 32
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug3: receive packet: type 33
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:CQS0yuck6Ka996k/NVyfvKrHDLi7mMtrRAOmcNdt4cA
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /root/.ssh/known_hosts:6
debug3: load_hostkeys: loaded 1 keys from 10.10.11.121
debug1: Host '10.10.11.121' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:6
debug2: bits set: 2048/4096
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: key: /root/.ssh/id_rsa (0x56062f6e25a0)
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug2: key: /root/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive,password
debug3: start over, passed a different list publickey,keyboard-interactive,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 60
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Additional info: [libssh2 version 0.23.0, RHEL7]
Hi!
Getting a KeyExchangeError while connecting to old Cisco router.
Any ideas how to fix that?
Would need a libssh2 trace to say what the issue is. Would think the server is using a configuration libssh2 does not support.
Would need a libssh2 trace to say what the issue is. Would think the server is using a configuration libssh2 does not support.
Ok, how I can trace libssh2 connection?
Additional info:
debug from Cisco Router:
Nov 17 06:38:21.592: SSH3: starting SSH control process
Nov 17 06:38:21.592: SSH3: sent protocol version id SSH-2.0-Cisco-1.25
Nov 17 06:38:21.636: SSH3: protocol version id is - SSH-2.0-libssh2_1.9.0_DEV
Nov 17 06:38:21.640: SSH2 3: SSH2_MSG_KEXINIT sent
Nov 17 06:38:21.640: SSH2 3: SSH2_MSG_KEXINIT received
Nov 17 06:38:21.640: SSH2:kex: client->server enc:aes256-cbc mac:hmac-sha1
Nov 17 06:38:21.640: SSH2:kex: server->client enc:aes256-cbc mac:hmac-sha1
Nov 17 06:38:21.680: SSH2 3: SSH2_MSG_KEX_DH_GEX_REQUEST received
Nov 17 06:38:21.680: SSH2 3: Range sent by client is - 1024 < 1536 < 2048
Nov 17 06:38:21.680: SSH2 3: Invalid modulus length
Nov 17 06:38:21.780: SSH3: Session disconnected - error 0x00
Tracing functionality is not merged into master yet, will show code to enable libssh2 tracing then. It will also need to be compiled into libssh2.
Looking at debug above, looks like method_pref would need to be used to select a different key exchange method. Method pref functions are now implemented - #128
The Openssh client is also using different client key type, might not be related.
If this is an old cisco router is too possible that KexAlghoritms were different to the system default.
take into consideration the next trace:
Nov 17 06:38:21.680: SSH2 3: SSH2_MSG_KEX_DH_GEX_REQUEST received
Nov 17 06:38:21.680: SSH2 3: Range sent by client is - 1024 < 1536 < 2048
Nov 17 06:38:21.680: SSH2 3: Invalid modulus length
I have the same error, connecting to an CentOS8 stream system. Normal ssh connection will work.
SSH config of my target:
PORT STATE SERVICE
22/tcp open ssh
| ssh2-enum-algos:
| kex_algorithms: (1)
| curve25519-sha256@libssh.org
| server_host_key_algorithms: (4)
| ssh-rsa
| rsa-sha2-512
| rsa-sha2-256
| ssh-ed25519
| encryption_algorithms: (2)
| chacha20-poly1305@openssh.com
| aes256-gcm@openssh.com
| mac_algorithms: (2)
| hmac-sha2-512-etm@openssh.com
| hmac-sha2-256-etm@openssh.com
| compression_algorithms: (2)
| none
|_ zlib@openssh.com
libssh2: libssh2-1.9.0-7.fc34.x86_64
server log:
no matching cipher found. Their offer: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,rijndael-cbc@lysator.liu.
se,aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc,none [preauth]
It looks like libssh2 don't support modern ciphers.
Thanks for the feedback.
There is a new version of libssh2 available, will re-test once ssh2-python has been updated.
The above does not appear to be the same issue though.
In the meantime, I have switched to ssh-python, which will use libssh instant of libssh2. Here the new ciphers will work.
Use the high level clients in parallel-ssh instead of either ssh-python or ssh2-python directly. Unless you are feeling particularly masochistic.
if an openssh system, sshd_config can support libssh2 with PubkeyAcceptedKeyTypes and/or HostKeyAlgorithms options filled in. check the manual page first man sshd_config and see re: ssh -Q cipher
Closing as cannot reproduce.