From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <sharuzzaman@gmail.com>
Received: from mail-vk1-xa2b.google.com (mail-vk1-xa2b.google.com
 [IPv6:2607:f8b0:4864:20::a2b])
 by sourceware.org (Postfix) with ESMTPS id 871293858D31
 for <cygwin@cygwin.com>; Sun, 19 Apr 2020 12:31:40 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 871293858D31
Received: by mail-vk1-xa2b.google.com with SMTP id j188so1817042vkc.2
 for <cygwin@cygwin.com>; Sun, 19 Apr 2020 05:31:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to;
 bh=KZ+n383qp11a7Lm189aGsfo922m7u6qY9RWlhjDwB/g=;
 b=C1HmxEf2EhJ0gwbO+VVzhQduZu92KvFiaH6186TZHbUjNB5r1A/tOJq8qcDEZqqmpv
 t1VdOufoX4OnnS9ur6dmCks4PXQ/6fJfL2R+XHVzlV2CSxxGkE6HK52lpekhqOLI7456
 tBEJwk8Rwqpps9M6l9PPPV7uRj3Vp/PuIegGensuP7ld+YgbNVZjHmH4fXm8l1XVY9Cy
 oB4itXWKR1/9b+MZKFEYg2tgeQOF5lAMji4n8ps7DigdnhjPOUzYV1v8ttJrshAFFnLt
 0hRV9P/gK8MNCMqh0p/ua8oMyN20JkkmzKzg0Lki+T4WKv99Ix8LLlhWsGTyP/L106ZI
 h9Jw==
X-Gm-Message-State: AGi0PuZDbvhlTYhkYDi3auwm3oYpnu4GFsV54lsaBEILJ10R1yzg5age
 F4BeHmgz+uRZfUY6t3bbDVDpGcMuQInaenQGxtmyHnuvgWI=
X-Google-Smtp-Source: APiQypI8pr5PPmutk74uvayWupLdUJAMUWC1KYsbRPcehUZZkRnfKzjmYP6TWwPWqofFb+1cWpNc9thKmJqZ7RmXh2o=
X-Received: by 2002:a1f:3649:: with SMTP id d70mr7687059vka.12.1587299499729; 
 Sun, 19 Apr 2020 05:31:39 -0700 (PDT)
MIME-Version: 1.0
References: <CAPJ9Yc-qyZCVUKiBrRN7_Qm0Fx5bmujBE6iefk2Jp93HsJj9SA@mail.gmail.com>
In-Reply-To: <CAPJ9Yc-qyZCVUKiBrRN7_Qm0Fx5bmujBE6iefk2Jp93HsJj9SA@mail.gmail.com>
From: Sharuzzaman Ahmat Raslan <sharuzzaman@gmail.com>
Date: Sun, 19 Apr 2020 20:31:28 +0800
Message-ID: <CAK+zucnzzzdVoT=eKXyzJ6yuAy5NK6FUc54a_u7VqEfDAStVNA@mail.gmail.com>
Subject: Re: latest openssh can not connect to older server
To: cygwin@cygwin.com
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, HTML_MESSAGE,
 RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: cygwin@cygwin.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <http://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <http://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
X-List-Received-Date: Sun, 19 Apr 2020 12:31:43 -0000

Hi.

New OpenSSH client will not connect to server that use SHA1.

Please refer to this: https://www.openssh.com/legacy.html

You should configure your old server to use more modern cipher

Thank you

On Sun, 19 Apr 2020, 8:13 pm David Bala=C5=BEic via Cygwin, <cygwin@cygwin.=
com>
wrote:

> Hi!
>
> I tried to backup some files from my server with scp and failed:
>
> $ scp  -v  root@the.server:/root/a.file  .
> Executing: program /usr/bin/ssh host the.server, user root, command
> scp -v -f /root/a.file
> OpenSSH_8.2p1, OpenSSL 1.1.1f  31 Mar 2020
> debug1: Connecting to the.server [192.168.1.11] port 22.
> debug1: Connection established.
> debug1: identity file /home/stein/.ssh/id_rsa type -1
> debug1: identity file /home/stein/.ssh/id_rsa-cert type -1
> debug1: identity file /home/stein/.ssh/id_dsa type -1
> debug1: identity file /home/stein/.ssh/id_dsa-cert type -1
> debug1: identity file /home/stein/.ssh/id_ecdsa type -1
> debug1: identity file /home/stein/.ssh/id_ecdsa-cert type -1
> debug1: identity file /home/stein/.ssh/id_ecdsa_sk type -1
> debug1: identity file /home/stein/.ssh/id_ecdsa_sk-cert type -1
> debug1: identity file /home/stein/.ssh/id_ed25519 type -1
> debug1: identity file /home/stein/.ssh/id_ed25519-cert type -1
> debug1: identity file /home/stein/.ssh/id_ed25519_sk type -1
> debug1: identity file /home/stein/.ssh/id_ed25519_sk-cert type -1
> debug1: identity file /home/stein/.ssh/id_xmss type -1
> debug1: identity file /home/stein/.ssh/id_xmss-cert type -1
> debug1: Local version string SSH-2.0-OpenSSH_8.2
> debug1: Remote protocol version 2.0, remote software version
> dropbear_2011.54
> debug1: no match: dropbear_2011.54
> debug1: Authenticating to the.server:22 as 'root'
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: algorithm: (no match)
> Unable to negotiate with 192.168.1.11 port 22: no matching key
> exchange method found. Their offer:
> diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
>
>
> I tried OpenSSH_8.0p1-2 which is still available in the cygwin
> setup-x86_64.exe wizard and that version works fine.
> (the version above is 8.2.p1-1 in the setup wizard)
>
> Regards,
> David
> --
> Problem reports:      https://cygwin.com/problems.html
> FAQ:                  https://cygwin.com/faq/
> Documentation:        https://cygwin.com/docs.html
> Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple
>