"Bad configuration option: KexAlgorithms" - windows

I am trying to ssh into a remote server for my university on a Windows 10 computer.
I installed OpenSSH. When I first tried to ssh in, I would get the error
no kex alg
Doing some googling, I put the following in my /.ssh/config file
KexAlgorithms kexalgorithms curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
However, now when I try to ssh, I get these errors:
/cygdrive/c/Users/name/.ssh/config: line 3: Bad configuration option: KexAlgorithms
/cygdrive/c/Users/name/.ssh/config: terminating, 1 bad configuration options
I'm new to trying this and have been frustrated for hours. Anyone know how I can fix this? Thank you :)
UPDATE: Changed my config file to this based off comment, still getting error:
Host name#remote_server
HostName name#remote_server
KexAlgorithms curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
Error message still the same, still getting error with line 3, KeyAlgorithmns

The binaries of ssh in windows 10 are outdated. You should download the new ssh binaries and add them to the windows environment variables and it's fixed. Stack overflow post

Related

SSH to wpengine works in windows command terminal but not git bash

Recently I had to get my hard drive replaced on my work machine and thus had to reconfigure everything. As a result I had to reinstall git bash. Before I was able to ssh fine into wpengine and now I cannot.
I am able to connect via the regular windows terminal fine but when I try with git bash I am getting the "Permission denied (publickey)." error for the same exact command.
I have tried all the suggested options from wpengine and in the different questions related to this on other SE questions and nothing is working.
I am using a Windows machine on windows 10.
Here are the following things I have tried:
Regenerating the key and adding it to my user public keys again and
then waiting 24 hours.
Adding the config details to the ssh_config file in C:\Program
Files\Git\etc\ssh
Adding a config file to my /User/username/.ssh/ folder.
I have tried using the following link and adding the wpengine rsa file: https://gist.github.com/jherax/979d052ad5759845028e6742d4e2343b as well.
Any and all help would be appreciated.
My guess is there is some kind of permissions issue going on the local machine?
Why would the request from git bash terminal to wpengine look different from windows command terminal?
I did solve my issue. If it helps you please use it!
When I used the command to the ssh host with : ssh -v user#environment.wpengine.ssh.net info
I got back this among the debug errors:
debug1: Offering public key: /c/Users/USERNAME/.ssh/KEY_FILENAME RSA XXXXXXXXXXXXXXXXXXXXX explicit
debug1: send_pubkey_test: no mutual signature algorithm
debug1: No more authentication methods to try.
user#environment.ssh.wpengine.net: Permission denied (publickey).
After finding this page:
https://transang.me/ssh-handshake-is-rejected-with-no-mutual-signature-algorithm-error/
I was able to solve the issue by adding the line:
PubkeyAcceptedAlgorithms +ssh-rsa to my ssh config file.
Honestly I am not even 10% certain on WHY this worked, however, it solved my problem.
How To Connect with SSH In WPEngine
If you are having trouble connecting to SSH in WPEngine Following are the commands which I used:
ssh-keygen -t rsa -b 4096 -f c:/users//.ssh/wpengine_rsa
Add Fingerprint in WPEngine My Profile – SSH
Add Config file
Host *.ssh.wpengine.net
IdentityFile ~/.ssh/wpengine_rsa
IdentitiesOnly yes
Connect with your wordpress website (windows command prompt)
ssh environment#environment.ssh.wpengine.net

vagrant error: Could not resolve host: (nil); Host not found

When running "vagrant up" command, I got following error:
The box 'ubuntu/trusty32' could not be found or
could not be accessed in the remote catalog. If this is a private
box on HashiCorp's Atlas, please verify you're logged in via
vagrant login. Also, please double-check the name. The expanded
URL and error message are shown below:
URL: ["https://atlas.hashicorp.com/ubuntu/trusty32"]
Error: Could not resolve host: (nil); Host not found
Host OS: Windows 7 (64bit)
Vagrant version: 1.7.4
Git client:
I have tried following and none of them fixed the problem:
1) add "config.vm.box_check_update=false" to Vagrantfile
2) add "HTTP_PROXY" and "HTTPS_PROXY" environmental variables in host OS
(Note: I am able to download the box file using browser from atlas.hashicopr.com using actual URL.)
Based on the error it looks like that you are running vagrant under some firewall. To avoid this error simply set HTTP_PROXY and HTTPS_PROXY environment variable. To get your proxy setting you may use command or easy and visual way open IE and get it from internet connection settings.
Here is how you set-
http_proxy=http://yourproxyserver:port
https_proxy=https://yourproxyserver:port
And command to get it-
netsh.exe winhttp show proxy
In output look for the of "Proxy Servers(s)".
Hope it helps.

SSH/Kerberos not working on OSX

So I have tried and tried to get my ssh to work with kerberos on Mavericks to no avail. Here are my versions:
ssh: OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
kerberos: Heimdal 1.5.1apple1
I also tried the built in ssh with no effect as well. Here is my config:
ForwardAgent yes
GSSAPIAuthentication yes
GSSAPIDelegateCredentials yes
GSSAPIKeyExchange yes
i have checked, there are no overriding settings in my user config
After all of this, I still get prompted for a password when ssh'ing to a linux host that does work with linux clients. (I am able to successfully kinit and i do get a ticket)
Any clues what I am missing? Has anyone has this problem before.
HERE is a link to the ssh connection log. It just seems to abandon gssapi without even trying it... why????
NOTE ON OSX SIERRA:
It appears that Apple broke it again.... The gssapitrusdns stuff is actually a third-party contribution and Apple revved to a newer ssh that doesn't include those patches... See HERE and HERE
ORIGINAL ANSWER (pre Sierra):
Ok, so after even more head-scratching, giving up, and violent attempts to strangle my computer with a power cord, I have found the answer... Turns out, OSX need to be told to explicitly trust DNS.... Add the following line to your ssh config:
GSSAPITrustDNS yes
Source (check the 'Problems and Workarounds' section)
From the logs it looks like server is sending "gssapi-keyex,gssapi-with-mic" methods but somehow client doesn't have support for it.
Look at this logs
preferred publickey,keyboard-interactive,password
can you check your client whether it supports it or not ?
you can check client config file /user//.ssh/config -> on linux system.

Git with putty on windows

When attempting to push / pull over ssh, git is failing with the following error:
"C:\Program Files\Git\bin\git.exe" push -u --recurse-submodules=check -progress "testremote" project:project
Using username "git-receive-pack 'ec2-user".
FATAL ERROR: Disconnected: No supported authentication methods available (server sent: publickey)
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
Done
The remote "testremote" is setup as "ssh://ec2-user#sweeb.net:gittest.git" and I'm using an existing keypair that I have used with PuTTY before without issue.
Pageant is running, with my key loaded.
I think the issue is the line "Using username "git-receive-pack 'ec2-user"." - I assumed git's commands were breaking on windows thanks to the space in "Program Files" so I've tried to surround everything with double quotes, but that doesn't seem to be working. Has anyone seen anything like this before?
Windows vars:
GIT_SSH=C:\PuTTY\plink.exe
PATH=[...];"C:\Program Files\Git\cmd";"C:\Program Files\Git\libexec\git-core\";"C:\Program Files\Git\bin\"
This was solved by removing "ssh://", that's implicit in Git Extensions apparently.

Getting "Server refused to allocate pty" error when trying to connect to Bitbucket via SSH on Windows

I'm trying to hook up Mercurial to Bitbucket on a PC and it's being really tough. I followed the instructions here:
http://www.codza.com/mercurial-with-ssh-setup-on-windows
and I'm running pageant set to my private key. I typed this at the command line:
plink -v hg#bitbucket.org and I get the following output:
C:\mypath>plink -v hg#bitbucket.org
"skipped for briefness"
Access granted
Opened channel for session
Server refused to allocate pty
Started a shell/command
conq: invalid command syntax
Server sent command exit status 0
Disconnected: All channels closed
My friend got the same error when he tried it on his PC. Can you help explain what the problem is or how to debug?
Running plink ssh://hg#bitbucket.org gives Using username ssh://hg and Disconnected: No supported authentication methods available.
Thanks for your help,
Kevin
You cannot connect to Bitbucket like that and get a login shell -- their backend process (called conq) will only accept Mercurial commands. With TortoiseHg, you don't have to do anything special -- so hg push ssh://hg#bitbucket.org/... should just work out of the box.
Using HTTPS is generally a nicer option for Bitbucket and as we discussed on IRC, there are plenty of ways to cache the passwords.

Resources