Problem upgrading from 3.2 to 3.3.1

Problem upgrading from 3.2 to 3.3.1

[Nick Popoff]

In other words, the 3.3.1 ssh.exe does not accept legacy kex algorithms at
all, no matter what.  I no longer can log in to Solaris.  For example, it
DOES NOT accept the following:

 

C:/cygwin64/home/Nick> ssh.exe -o KexAlgorithms=+diffie-hellman-group14-sha1
nick@host.com

Unable to negotiate with 50.248.140.9 port 22: no matching host key type
found. Their offer: ssh-rsa,ssh-dss

 

Version 3.2 had no problem with legacy algorithms.  Can somebody explain as
to what is going on here.  Is it a bug?  Or a deliberate break of
compatibility?

 

==================

 

Now I Am having severe problem with 'ssh'.  A simple login command like:

 

Ssh nick@....com <mailto:nick@....com> 

 

Results in the following response:

 

 

C:/cygwin64/home/Nick> ssh host.com

Unable to negotiate with <IP> port 22: no matching key exchange method
found. Their offer:
gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

 

This is a fresh install of Cygwin on a clean Windows 11.  I went back to 3.2
for now as I cannot work with 3.3.1.

 

Nick

 

 

Re: Problem upgrading from 3.2 to 3.3.1

[Takashi Yano]

On Sun, 7 Nov 2021 18:44:28 -0500
"Nick Popoff" wrote:
> In other words, the 3.3.1 ssh.exe does not accept legacy kex algorithms at
> all, no matter what.  I no longer can log in to Solaris.  For example, it
> DOES NOT accept the following:
> 
> C:/cygwin64/home/Nick> ssh.exe -o KexAlgorithms=+diffie-hellman-group14-sha1
> nick@host.com
> 
> Unable to negotiate with 50.248.140.9 port 22: no matching host key type
> found. Their offer: ssh-rsa,ssh-dss
> 
> Version 3.2 had no problem with legacy algorithms.  Can somebody explain as
> to what is going on here.  Is it a bug?  Or a deliberate break of
> compatibility?

I think this is not due to upgrading cygwin, but due to upgrading
OpenSSH to 8.8p1.

As release note of OpenSSH 8.8p1 says, adding following lines to
~/.ssh/config will solve the issue.

Host *
	HostkeyAlgorithms +ssh-rsa
	PubkeyAcceptedAlgorithms +ssh-rsa

-- 
Takashi Yano <takashi.yano@nifty.ne.jp>

Problem upgrading from 3.2 to 3.3.1

[Nick Popoff]

In other words, the 3.3.1 ssh.exe does not accept legacy kex algorithms at
all, no matter what.  I no longer can log in to Solaris.  For example, it
DOES NOT accept the following:

 

C:/cygwin64/home/Nick> ssh.exe -o KexAlgorithms=+diffie-hellman-group14-sha1
nick@host.com

Unable to negotiate with 50.248.140.9 port 22: no matching host key type
found. Their offer: ssh-rsa,ssh-dss

 

Version 3.2 had no problem with legacy algorithms.  Can somebody explain as
to what is going on here.  Is it a bug?  Or a deliberate break of
compatibility?

 

==================

 

Now I Am having severe problem with 'ssh'.  A simple login command like:

 

Ssh nick@....com <mailto:nick@....com> 

 

Results in the following response:

 

 

C:/cygwin64/home/Nick> ssh host.com

Unable to negotiate with <IP> port 22: no matching key exchange method
found. Their offer:
gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

 

This is a fresh install of Cygwin on a clean Windows 11.  I went back to 3.2
for now as I cannot work with 3.3.1.

 

Nick