X2Go Bug report logs - #1373
kex error : no match for method mac algo

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Danie de Jager <danie.dejager@striata.com>

Date: Mon, 18 Feb 2019 09:10:02 UTC

Severity: normal

Merged with 1374

Full log


🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#1373: kex error : no match for method mac algo
Reply-To: Danie de Jager <danie.dejager@striata.com>, 1373@bugs.x2go.org
Resent-From: Danie de Jager <danie.dejager@striata.com>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: owner@bugs.x2go.org
X-Loop: owner@bugs.x2go.org
Resent-Date: Mon, 18 Feb 2019 09:10:02 +0000
Resent-Message-ID: <handler.1373.B.155048089627515@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: report 1373
X-X2Go-PR-Package: client
X-X2Go-PR-Keywords: 
Received: via spool by submit@bugs.x2go.org id=B.155048089627515
          (code B); Mon, 18 Feb 2019 09:10:02 +0000
Received: (at submit) by bugs.x2go.org; 18 Feb 2019 09:08:16 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,URIBL_BLOCKED autolearn=ham
	autolearn_force=no version=3.4.2
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id DD9915DAF2
	for <submit@bugs.x2go.org>; Mon, 18 Feb 2019 10:08:14 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 1k7l5WNRC3dq for <submit@bugs.x2go.org>;
	Mon, 18 Feb 2019 10:08:05 +0100 (CET)
Received: from mail-yb1-xb2a.google.com (mail-yb1-xb2a.google.com [IPv6:2607:f8b0:4864:20::b2a])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 8AF8F5DAF1
	for <submit@bugs.x2go.org>; Mon, 18 Feb 2019 10:08:05 +0100 (CET)
Received: by mail-yb1-xb2a.google.com with SMTP id j62so6502595ybb.1
        for <submit@bugs.x2go.org>; Mon, 18 Feb 2019 01:08:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=striata.com; s=google2;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to;
        bh=NDq1RQlJryjKiBvpR2ZInkZM25Xn8rA+0PwZRzsZqes=;
        b=eZw2okzfr9tB9dtWopCg0BGFVvFZxEzkaWaqZu1glOtjmOxndD2DevwtJWCIkCGi6C
         8Lhbzb8A3wFbOAIIz2QsUpzoLe7itcCUYT7bQs2k6IcuVXJy2Z1bYKt/kYru36YcKiwy
         ELWa/KbIaPvvARCKKic6pGSEDrVVji5RgJijNPS+mH1NXedMVSWfsjFrIAuSQ+nErINB
         6OoLjOOtBqS2IJr8Bmp/uwLAELUqTYlNjYPdV2VaM6YIePEgXF14WTiSkq+e8tUJi2ka
         9dH67+TlE3PiT7N26WBdc7UcscplaN6TtCgrEYMapBcP6Y3YsEWhvqu2nSCtA6Dc95fP
         R6Ig==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to;
        bh=NDq1RQlJryjKiBvpR2ZInkZM25Xn8rA+0PwZRzsZqes=;
        b=IDixsCAfPK295F2xAjQpJnHjSwOi5lzSekro1ntp0xvCtEHb9I2IX04aUM+SbhmTsF
         ilFdIInkrSBSqxuXrEUbY+F6T4cBiZy98bJk9Zh08MUNWtxnEaFVM6iFvLEpJiqUMT9N
         pdcOfmhqY+sqSo5Nv3RrTSJq0e/7hpz+PjZc/BXu5ITIZwJpIWtR69B7vtH8O1Wdt64i
         C6rCOpWYlbyZ+0MXSROxMTI4ruXvlXM7cT7XweSfZ889D/9A2AznVsS1c8bnnlml3L8v
         5+oNw9N5nFhkMS+is88A0wOMhxxptNEebr7rbgHFSOgtNps1xlL1zH/B3imLJwwp5XzR
         i1bA==
X-Gm-Message-State: AHQUAubxHu1j+fK+ew5tBHrTf7Ir/uwFyqiZmxTUHbkqcBlT3p6Vtk0v
	7jd3sMYqOig0wM2I0ja7CbQoV/LazopJB3j9TYKM1xbWHCRyCA==
X-Google-Smtp-Source: AHgI3IapbvjGcnhxMWKg+wQ++WTAYQxYY0g2mmbrLMtCl84i0ialCcrBwqfcQU/LFy7LitUR5dqXujGLQk7U398M1BE=
X-Received: by 2002:a5b:98c:: with SMTP id c12mr17864155ybq.280.1550480883650;
 Mon, 18 Feb 2019 01:08:03 -0800 (PST)
MIME-Version: 1.0
References: <CAC6Wms4dZ5ruZiSw7MFB1scoD=V2sEjeSHmdgZk1e9rWVaK9tw@mail.gmail.com>
In-Reply-To: <CAC6Wms4dZ5ruZiSw7MFB1scoD=V2sEjeSHmdgZk1e9rWVaK9tw@mail.gmail.com>
From: Danie de Jager <danie.dejager@striata.com>
Date: Mon, 18 Feb 2019 11:07:37 +0200
Message-ID: <CAC6Wms7es6nynsT0Vj-_sNyAbT14RCSBs6Fb91NRLeMcy5QAhQ@mail.gmail.com>
To: submit@bugs.x2go.org
Content-Type: multipart/alternative; boundary="0000000000004d2cc9058227763d"
[Message part 1 (text/plain, inline)]
Package: client

The client does not support chacha20 as I get this error when I try to
connect to the X2Go server. I did harden my SSH configuration as guided by
Mozzila
https://infosec.mozilla.org/guidelines/openssh

When I use defaults it works fine. It seems that the library used by X2Go
is missing some newer methods.

Config:
server ssh config:
KexAlgorithms curve25519-sha256@libssh.org
,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,
aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,
umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com

Client sshd config:
Client using default sshd config

or

HashKnownHosts yes
HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,
ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,
ecdsa-sha2-nistp521-cert-v01@openssh.com,
ecdsa-sha2-nistp384-cert-v01@openssh.com,
ecdsa-sha2-nistp256-cert-v01@openssh.com
,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256
KexAlgorithms curve25519-sha256@libssh.org
,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,
umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,
aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

Error:
"kex error : no match for method mac algo client->server: server [
hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,
umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com],
client [hmac-sha1]"

or sometimes

"crypt_set_algorithms2: no crypto algorithm function found for
chacha20-poly1305@openssh.com"

Let me know if I can provide more information.

Regards,
*Danie de Jager*
[Message part 2 (text/html, inline)]

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Mon Feb 24 00:16:01 2020; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.