From unknown Thu Mar 28 10:09:20 2024 X-Loop: owner@bugs.x2go.org Subject: Bug#1374: [X2Go-Dev] Bug#1373: kex error : no match for method mac algo Reply-To: Antenore , 1374@bugs.x2go.org Resent-From: Antenore Resent-To: x2go-dev@lists.x2go.org Resent-CC: owner@bugs.x2go.org X-Loop: owner@bugs.x2go.org Resent-Date: Mon, 18 Feb 2019 11:45:02 +0000 Resent-Message-ID: Resent-Sender: owner@bugs.x2go.org X-X2Go-PR-Message: report 1374 X-X2Go-PR-Package: client X-X2Go-PR-Keywords: Received: via spool by submit@bugs.x2go.org id=B.155049005511351 (code B); Mon, 18 Feb 2019 11:45:02 +0000 Received: (at submit) by bugs.x2go.org; 18 Feb 2019 11:40:55 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=3.0 tests=BAYES_00,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 60AD45DAF2 for ; Mon, 18 Feb 2019 12:40:54 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AgZr7nI7a4Uw for ; Mon, 18 Feb 2019 12:40:48 +0100 (CET) X-Greylist: delayed 4201 seconds by postgrey-1.35 at ymir.das-netzwerkteam.de; Mon, 18 Feb 2019 12:40:47 CET Received: from 10.mo68.mail-out.ovh.net (10.mo68.mail-out.ovh.net [46.105.79.203]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 3F3685DAF1 for ; Mon, 18 Feb 2019 12:40:47 +0100 (CET) Received: from player755.ha.ovh.net (unknown [10.109.146.168]) by mo68.mail-out.ovh.net (Postfix) with ESMTP id 7E6621164CE for ; Mon, 18 Feb 2019 11:22:23 +0100 (CET) Received: from simbiosi.org (252.234.197.178.dynamic.wless.lssmb00p-cgnat.res.cust.swisscom.ch [178.197.234.252]) (Authenticated sender: antenore@simbiosi.org) by player755.ha.ovh.net (Postfix) with ESMTPSA id 8A23A2E7C0FA; Mon, 18 Feb 2019 10:22:18 +0000 (UTC) Date: Mon, 18 Feb 2019 11:22:16 +0100 User-Agent: K-9 Mail for Android In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable To: Danie de Jager ,1373@bugs.x2go.org,submit@bugs.x2go.org From: Antenore Message-ID: <770B1326-8C3F-418C-9EBF-E2861A673325@simbiosi.org> X-Ovh-Tracer-Id: 9754515321009295622 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedtledrledvgdeliecutefuodetggdotefrodftvfcurfhrohhfihhlvgemucfqggfjpdevjffgvefmvefgnecuuegrihhlohhuthemucehtddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd Package: client Hi Daniel, I'm just a reader, but X2GO uses libssh, that support the Kex you are using, so first of all, you have to install an updated version of libssh and eventually check if it has been compiled with the support of these algorithms=2E Normally, I think, on the X2GO side there is nothing more to do=2E Have a look here: https://www=2Elibssh=2Eorg/features/ On 18 February 2019 10:07:37 CET, Danie de Jager wrote: >Package: client > >The client does not support chacha20 as I get this error when I try to >connect to the X2Go server=2E I did harden my SSH configuration as guided >by >Mozzila >https://infosec=2Emozilla=2Eorg/guidelines/openssh > >When I use defaults it works fine=2E It seems that the library used by >X2Go >is missing some newer methods=2E > >Config: >server ssh config: >KexAlgorithms curve25519-sha256@libssh=2Eorg >,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-= group-exchange-sha256 >Ciphers chacha20-poly1305@openssh=2Ecom,aes256-gcm@openssh=2Ecom, >aes128-gcm@openssh=2Ecom,aes256-ctr,aes192-ctr,aes128-ctr >MACs hmac-sha2-512-etm@openssh=2Ecom,hmac-sha2-256-etm@openssh=2Ecom, >umac-128-etm@openssh=2Ecom,hmac-sha2-512,hmac-sha2-256,umac-128@openssh= =2Ecom > >Client sshd config: >Client using default sshd config > >or > >HashKnownHosts yes >HostKeyAlgorithms ssh-ed25519-cert-v01@openssh=2Ecom, >ssh-rsa-cert-v01@openssh=2Ecom,ssh-ed25519,ssh-rsa, >ecdsa-sha2-nistp521-cert-v01@openssh=2Ecom, >ecdsa-sha2-nistp384-cert-v01@openssh=2Ecom, >ecdsa-sha2-nistp256-cert-v01@openssh=2Ecom >,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 >KexAlgorithms curve25519-sha256@libssh=2Eorg >,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-= group-exchange-sha256 >MACs hmac-sha2-512-etm@openssh=2Ecom,hmac-sha2-256-etm@openssh=2Ecom, >umac-128-etm@openssh=2Ecom,hmac-sha2-512,hmac-sha2-256,umac-128@openssh= =2Ecom >Ciphers chacha20-poly1305@openssh=2Ecom,aes256-gcm@openssh=2Ecom, >aes128-gcm@openssh=2Ecom,aes256-ctr,aes192-ctr,aes128-ctr > >Error: >"kex error : no match for method mac algo client->server: server [ >hmac-sha2-512-etm@openssh=2Ecom,hmac-sha2-256-etm@openssh=2Ecom, >umac-128-etm@openssh=2Ecom,hmac-sha2-512,hmac-sha2-256,umac-128@openssh= =2Ecom], >client [hmac-sha1]" > >or sometimes > >"crypt_set_algorithms2: no crypto algorithm function found for >chacha20-poly1305@openssh=2Ecom" > >Let me know if I can provide more information=2E > >Regards, >*Danie de Jager* From mike.gabriel@das-netzwerkteam.de Mon Feb 18 21:50:59 2019 Received: (at control) by bugs.x2go.org; 18 Feb 2019 20:50:59 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.9 required=3.0 tests=BAYES_00, RCVD_IN_BL_SPAMCOP_NET,RCVD_IN_SORBS_WEB,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id EB55C5DAF4 for ; Mon, 18 Feb 2019 21:50:58 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B-HjZS-bu8wn for ; Mon, 18 Feb 2019 21:50:54 +0100 (CET) Received: from fregna.das-netzwerkteam.de (fregna.das-netzwerkteam.de [148.251.53.130]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 178F25DAF1 for ; Mon, 18 Feb 2019 21:50:54 +0100 (CET) Received: from grimnir.das-netzwerkteam.de (grimnir.das-netzwerkteam.de [IPv6:2a01:4f8:202:1381::105]) by fregna.das-netzwerkteam.de (Postfix) with ESMTPS id 0F2BC605E0 for ; Mon, 18 Feb 2019 20:50:54 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTP id 062A0D23A2 for ; Mon, 18 Feb 2019 21:50:54 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at grimnir.das-netzwerkteam.de Received: from grimnir.das-netzwerkteam.de ([127.0.0.1]) by localhost (grimnir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bpzC3oMs8O5Z for ; Mon, 18 Feb 2019 21:50:48 +0100 (CET) Received: from das-netzwerkteam.de (localhost [127.0.0.1]) by grimnir.das-netzwerkteam.de (Postfix) with ESMTPS id 5B172D353E for ; Mon, 18 Feb 2019 21:44:03 +0100 (CET) Received: from [65.19.167.132] ([65.19.167.132]) by mail.das-netzwerkteam.de (Horde Framework) with HTTPS; Mon, 18 Feb 2019 20:44:03 +0000 Date: Mon, 18 Feb 2019 20:44:03 +0000 Message-ID: <20190218204403.Horde.Qc3x9KzEq7TZfIUmOLEidB1@mail.das-netzwerkteam.de> From: Mike Gabriel To: control@bugs.x2go.org Subject: housekeeping... User-Agent: Horde Application Framework 5 Accept-Language: de,en Organization: DAS-NETZWERKTEAM X-Originating-IP: 65.19.167.132 X-Remote-Browser: Mozilla/5.0 (Windows NT 6.1; rv:60.0) Gecko/20100101 Firefox/60.0 Content-Type: multipart/signed; boundary="=_xJ_tZT_e0NmnX2wPXJWfu2s"; protocol="application/pgp-signature"; micalg=pgp-sha256 MIME-Version: 1.0 This message is in MIME format and has been PGP signed. --=_xJ_tZT_e0NmnX2wPXJWfu2s Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable reassign #1374 x2goclient forcemerge #1373 #1374 kthxbye --=20 DAS-NETZWERKTEAM c\o=20Technik- und =C3=96kologiezentrum Eckernf=C3=B6rde Mike Gabriel, Marienthaler str. 17, 24340 Eckernf=C3=B6rde mobile: +49 (1520) 1976 148 landline: +49 (4354) 8390 139 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de --=_xJ_tZT_e0NmnX2wPXJWfu2s Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIzBAABCAAdFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAlxrGRIACgkQmvRrMCV3 GzGTkQ//ZxaGsT/W55l5roeesa8CE8jtwvCZgCGfGlyKitL0yPk81pifW+YPEL7i EXaegqZTBLGkU/NMr0fHdKdfc2cBTKijIrjIAzexeWlG3BLN76pq4we8kd3reDUa k2zGUIp2rPkrEMaO+eccquZYT1EIb05FX/N7WwPgmyquwqri+1xNwgdjD+NREiiQ p6R05B1Bniec3AgIAqTYYVVIMeYir2Wz/3HX2o6Cs7MaqtsXExbU6UM8nH6kI+0k 13x2OZvF7GZn173C7mWdWRqEtgvU+YeqgJJixQYw1lhJrnsBWUcjJbtrRXI/S+F+ teMUfaPrVvYh0TYvTe3natejc8mlC5cUAEO3YRMCqBWnWlTVKa6mXJC9yCFyJk9l G8lAd66JQ+hFEmlOk8mtC7IrVgf24t9S1bD0kLAH5v9Foqkk4XSU/11sPphIYjN+ YNMoWwKQdxUUBMJbFtJsO3gBGCkHk2C9qsWUO+zT4u7DovqJLZqKlg8GLGTNkoVs 3fSAwTCWqatI+a5hrtazyesb5EwPw6AUto5o7qQPObwZUNPxPipdudfMqopXikjg ZdK549pVYl+Jgk7lJybTPhKS3FcwGUHfeKRtcfk+RKcW94nHJzGXLQFrNA4HVqwO d+QS9qlfq01reyIZb0UMD0KnlPXaM6EVDsuwDcxOSEN57/YEIrk= =GA15 -----END PGP SIGNATURE----- --=_xJ_tZT_e0NmnX2wPXJWfu2s--