far2l icon indicating copy to clipboard operation
far2l copied to clipboard

Published 20 hours ago verified publisher icon elfmz

Netrocks scp/sftp kex error : no match for method mac algo client -> server

Open chpasha opened this issue 2 years ago • 10 comments
trafficstars

I'm getting this error since upgrading to Debian 12 and far2l 2.5.2 while connecting via ssh to old server running debian wheezy image native terminal has no problem connecting, midnight commander has no problem as well. If I enable different legacy stuff, like suggested on the internet in /etc/ssh/ssh_config

KexAlgorithms diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
Ciphers [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
 HostKeyAlgorithms ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],rsa-sha2-512,rsa-sha2-256
MACs hmac-md5,hmac-sha1,[email protected]

then I get ssh-agent authentication failed

chpasha avatar Aug 18 '23 19:08 chpasha

Try this: https://github.com/elfmz/far2l/discussions/1364#discussioncomment-4741879

elfmz avatar Aug 19 '23 12:08 elfmz

Hi, thank you for the answer. If you look at my code in description, I've already tried that (and not only). The issue under your link is a different one - about host key algo. I have it too but it is solved with entry in config or via option ssh-rsa supplied directly in advanced netrocks connection settings. The one from my screenshot comes after the first one is fixed and is about mac algorithms, and could be solved with cofiguration entry MACs hmac-md5,hmac-sha1,[email protected] but it is not, because (this is my assumption) those algos are not present in libssh anymore (but are present in openssh-client or whatever lib the native clients and Midnight commander use)

chpasha avatar Aug 20 '23 14:08 chpasha

maybe shell protocol could be a better option for you?

unxed avatar Oct 03 '23 20:10 unxed

maybe shell protocol could be a better option for you?

Unfortunately same problem

chpasha avatar Oct 04 '23 06:10 chpasha

does console ssh client work in your case?

unxed avatar Oct 04 '23 08:10 unxed

does console ssh client work in your case?

Definitely, as well as midnight commander (which is my fallback option for now, if I have to get some files from those old servers)

chpasha avatar Oct 04 '23 08:10 chpasha

Shell protocol recently added uses ssh client under the hood. So it should work (or at least should not have such an issue if ssh doesnt have it): image

elfmz avatar Oct 04 '23 09:10 elfmz

I don't update very often and didn't know about that change. Yes, it does work for me. Unfortunately, I have to test sftp connections from time to time, but I can do that in command line. Being able to access the old servers on a regular basis is more important to me, thanks 👍

chpasha avatar Oct 04 '23 13:10 chpasha

Thanks for the quick reply! Can we close an issue now?

unxed avatar Oct 04 '23 13:10 unxed

I don't know - it doesn't really solve the actual problem, but rather workarounds it for cases where sftp not involved. If there is no chance to fix it, then yes, it could be closed, I guess

chpasha avatar Oct 04 '23 14:10 chpasha