Ubuntu
openssh package

Unable to negotiate a key exchange method

Bug #1497263 reported by jean-christophe manciot
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Client: Ubuntu Server 15.04 with openssh-client 6.7p1
Server: Ubuntu cloud server 15.04 with openssh-server 6.7p1

Connection trace:
root@msi-ge60-ubuntu:/media/actionmystique/SAMSUNG-Ext4/KVM-Qemu/VMs# ssh -v -p 22 -i ./KVM-Ubuntu-Server-15.04-ubuntu-id_rsa ubuntu@172.16.100.245
OpenSSH_6.7p1 Ubuntu-5ubuntu1.3, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 172.16.100.245 [172.16.100.245] port 22.
debug1: Connection established.
debug1: key_load_private_type: No such file or directory
debug1: key_load_private_cert: No such file or directory
debug1: key_load_private_cert: No such file or directory
debug1: key_load_private_cert: No such file or directory
debug1: key_load_private_cert: No such file or directory
debug1: key_load_private_type: No such file or directory
debug1: permanently_set_uid: 0/0
debug1: identity file ./KVM-Ubuntu-Server-15.04-ubuntu-id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file ./KVM-Ubuntu-Server-15.04-ubuntu-id_rsa-cert type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Ubuntu-5ubuntu1.3
debug1: match: OpenSSH_6.7p1 Ubuntu-5ubuntu1.3 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
Unable to negotiate a key exchange method

Am I missing something?

Revision history for this message
jean-christophe manciot (manciot-jeanchristophe) wrote :

That issue has been solved with newer versions openssh-server/client 6.9p1-2.
However, another issue has surfaced: cf. https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1522190

Revision history for this message
Robie Basak (racb) wrote :
Download full text (3.6 KiB)

Thank you for taking the time to report this bug and helping to make Ubuntu better.

I cannot reproduce this. My log is below. Could this be a misconfiguration on your system? For example, your lines "debug1: key_load_private_cert: No such file or directory" suggest to me that you are running a non-default configuration.

Since it seems likely to me that this is a local configuration problem, rather than a bug in Ubuntu, I'm marking this bug as Incomplete.

If indeed this is a local configuration problem, you can find pointers to get help for this sort of problem here: http://www.ubuntu.com/support/community

Or if you believe that this is really a bug, then you may find it helpful to read "How to report bugs effectively" http://www.chiark.greenend.org.uk/~sgtatham/bugs.html. We'd be grateful if you would then provide a more complete description of the problem, explain why you believe this is a bug in Ubuntu rather than a problem specific to your system, and then change the bug status back to New.

My failure to reproduce:

$ ssh -v ubuntu@localhost
OpenSSH_6.7p1 Ubuntu-5ubuntu1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/ubuntu/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Ubuntu-5ubuntu1
debug1: match: OpenSSH_6.7p1 Ubuntu-5ubuntu1 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr <email address hidden> none
debug1: kex: client->server aes128-ctr <email address hidden> none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 8c:5a:4e:4b:33:2d:86:f3:78:9c:9b:e0:4e:70:94:60
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/ubuntu/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next a...

Read more...

Changed in openssh (Ubuntu):
status: New → Incomplete
Revision history for this message
Robie Basak (racb) wrote :

I also tried with 5ubuntu1.3 and still cannot reproduce. A key difference might be your:

debug1: kex: server->client aes128-ctr hmac-sha1 none

vs. my:

debug1: kex: server->client aes128-ctr <email address hidden> none

$ ssh -v ubuntu@localhost
OpenSSH_6.7p1 Ubuntu-5ubuntu1.3, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/ubuntu/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/ubuntu/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Ubuntu-5ubuntu1.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Ubuntu-5ubuntu1.3
debug1: match: OpenSSH_6.7p1 Ubuntu-5ubuntu1.3 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr <email address hidden> none
debug1: kex: client->server aes128-ctr <email address hidden> none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 8c:5a:4e:4b:33:2d:86:f3:78:9c:9b:e0:4e:70:94:60
debug1: Host 'localhost' is known and matches the ECDSA host key.
debug1: Found key in /home/ubuntu/.ssh/known_hosts:1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/ubuntu/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: Authentication succeeded (publickey).
Authenticated to localhost ([127.0.0.1]:22).
debug1: channel 0: new [client-session]
debug1: Requesting <email address hidden>
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Welcome to Ubuntu 15.04 (GNU/Linux 3.19.0-14-generic x86_64)

Revision history for this message
jean-christophe manciot (manciot-jeanchristophe) wrote :

I really appreciate you're taking some time to answer this.

However, there's some confusion here: you're answering in this thread to another issue which is located in another thread (https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1522190). My configuration is not the same. could you try to reproduce the new issue with my new settings and answer in the new thread?

In the meantime, I'll post more information about sshd_config & ssh_config in the new thread.
You were right: I'm not using a default configuration, but openssh should also work in other situations that the default one, right?

jean-christophe manciot (manciot-jeanchristophe)
Changed in openssh (Ubuntu):
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.