X2Go Bug report logs - #1374
[X2Go-Dev] Bug#1373: kex error : no match for method mac algo

Package: x2goclient; Maintainer for x2goclient is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goclient is src:x2goclient.

Reported by: Antenore <antenore@simbiosi.org>

Date: Mon, 18 Feb 2019 11:45:02 UTC

Severity: normal

Merged with 1373

Full log


🔗 View this message in rfc822 format

X-Loop: owner@bugs.x2go.org
Subject: Bug#1374: [X2Go-Dev] Bug#1373: kex error : no match for method mac algo
Reply-To: Antenore <antenore@simbiosi.org>, 1374@bugs.x2go.org
Resent-From: Antenore <antenore@simbiosi.org>
Resent-To: x2go-dev@lists.x2go.org
Resent-CC: owner@bugs.x2go.org
X-Loop: owner@bugs.x2go.org
Resent-Date: Mon, 18 Feb 2019 11:45:02 +0000
Resent-Message-ID: <handler.1374.B.155049005511351@bugs.x2go.org>
Resent-Sender: owner@bugs.x2go.org
X-X2Go-PR-Message: report 1374
X-X2Go-PR-Package: client
X-X2Go-PR-Keywords: 
Received: via spool by submit@bugs.x2go.org id=B.155049005511351
          (code B); Mon, 18 Feb 2019 11:45:02 +0000
Received: (at submit) by bugs.x2go.org; 18 Feb 2019 11:40:55 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00,URIBL_BLOCKED
	autolearn=unavailable autolearn_force=no version=3.4.2
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 60AD45DAF2
	for <submit@bugs.x2go.org>; Mon, 18 Feb 2019 12:40:54 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id AgZr7nI7a4Uw for <submit@bugs.x2go.org>;
	Mon, 18 Feb 2019 12:40:48 +0100 (CET)
X-Greylist: delayed 4201 seconds by postgrey-1.35 at ymir.das-netzwerkteam.de; Mon, 18 Feb 2019 12:40:47 CET
Received: from 10.mo68.mail-out.ovh.net (10.mo68.mail-out.ovh.net [46.105.79.203])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 3F3685DAF1
	for <submit@bugs.x2go.org>; Mon, 18 Feb 2019 12:40:47 +0100 (CET)
Received: from player755.ha.ovh.net (unknown [10.109.146.168])
	by mo68.mail-out.ovh.net (Postfix) with ESMTP id 7E6621164CE
	for <submit@bugs.x2go.org>; Mon, 18 Feb 2019 11:22:23 +0100 (CET)
Received: from simbiosi.org (252.234.197.178.dynamic.wless.lssmb00p-cgnat.res.cust.swisscom.ch [178.197.234.252])
	(Authenticated sender: antenore@simbiosi.org)
	by player755.ha.ovh.net (Postfix) with ESMTPSA id 8A23A2E7C0FA;
	Mon, 18 Feb 2019 10:22:18 +0000 (UTC)
Date: Mon, 18 Feb 2019 11:22:16 +0100
User-Agent: K-9 Mail for Android
In-Reply-To: <CAC6Wms7es6nynsT0Vj-_sNyAbT14RCSBs6Fb91NRLeMcy5QAhQ@mail.gmail.com>
References: <CAC6Wms4dZ5ruZiSw7MFB1scoD=V2sEjeSHmdgZk1e9rWVaK9tw@mail.gmail.com> <CAC6Wms7es6nynsT0Vj-_sNyAbT14RCSBs6Fb91NRLeMcy5QAhQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain;
 charset=utf-8
Content-Transfer-Encoding: quoted-printable
To: Danie de Jager <danie.dejager@striata.com>,1373@bugs.x2go.org,submit@bugs.x2go.org
From: Antenore <antenore@simbiosi.org>
Message-ID: <770B1326-8C3F-418C-9EBF-E2861A673325@simbiosi.org>
X-Ovh-Tracer-Id: 9754515321009295622
X-VR-SPAMSTATE: OK
X-VR-SPAMSCORE: -100
X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedtledrledvgdeliecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd
Package: client

Hi Daniel,

I'm just a reader, but X2GO uses libssh, that support the Kex you are
using, so first of all, you have to install an updated version of libssh
and eventually check if it has been compiled with the support of these
algorithms.

Normally, I think, on the X2GO side there is nothing more to do.

Have a look here:

https://www.libssh.org/features/

On 18 February 2019 10:07:37 CET, Danie de Jager <danie.dejager@striata.com> wrote:
>Package: client
>
>The client does not support chacha20 as I get this error when I try to
>connect to the X2Go server. I did harden my SSH configuration as guided
>by
>Mozzila
>https://infosec.mozilla.org/guidelines/openssh
>
>When I use defaults it works fine. It seems that the library used by
>X2Go
>is missing some newer methods.
>
>Config:
>server ssh config:
>KexAlgorithms curve25519-sha256@libssh.org
>,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
>Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,
>aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
>MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,
>umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
>
>Client sshd config:
>Client using default sshd config
>
>or
>
>HashKnownHosts yes
>HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,
>ssh-rsa-cert-v01@openssh.com,ssh-ed25519,ssh-rsa,
>ecdsa-sha2-nistp521-cert-v01@openssh.com,
>ecdsa-sha2-nistp384-cert-v01@openssh.com,
>ecdsa-sha2-nistp256-cert-v01@openssh.com
>,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256
>KexAlgorithms curve25519-sha256@libssh.org
>,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
>MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,
>umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com
>Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,
>aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
>
>Error:
>"kex error : no match for method mac algo client->server: server [
>hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,
>umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com],
>client [hmac-sha1]"
>
>or sometimes
>
>"crypt_set_algorithms2: no crypto algorithm function found for
>chacha20-poly1305@openssh.com"
>
>Let me know if I can provide more information.
>
>Regards,
>*Danie de Jager*

Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Sun Jan 29 09:47:14 2023; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.