Comments (11)
What does that option do? Are you enabling insecure ciphers? I think you need to fix this on the server side...
from ssh.
Ironically this is the first time I've seen this and its for a bank :) Ok I can ask them to update but is there any way for the R library ssh
to add parameters to the SSH command to cover occasions where the server can't be fixed?
from ssh.
@cryptomilk is there a way to enable legacy algorithms in libssh ?
from ssh.
DSS is still supported. Which version of libssh is that and more logging is needed ...
from ssh.
This is likely 0.8.3 on MacOS. @MarkEdmondson1234 please include your ssh::libssh_version()
and sessionInfo()
and also try increasing your verbose
parameter to get more info.
from ssh.
Will do, its a work laptop so will send it next week.
from ssh.
There is another issue with active connections that I will wait to be resolved before creating the new logs, but the versioning info is below:
ssh::libssh_version()
[1] "0.8.3"
> library(ssh)
Warning message:
package ‘ssh’ was built under R version 3.4.4
> sessionInfo()
R version 3.4.1 (2017-06-30)
Platform: x86_64-apple-darwin15.6.0 (64-bit)
Running under: macOS 10.14
Matrix products: default
BLAS: /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib
LAPACK: /Library/Frameworks/R.framework/Versions/3.4/Resources/lib/libRlapack.dylib
locale:
[1] en_US.UTF-8/en_US.UTF-8/en_US.UTF-8/C/en_US.UTF-8/en_US.UTF-8
attached base packages:
[1] stats graphics grDevices utils datasets methods base
other attached packages:
[1] ssh_0.3
loaded via a namespace (and not attached):
[1] compiler_3.4.1 tools_3.4.1 yaml_2.2.0
from ssh.
Hello, I'm back now with more complete logs. I can get a little further connecting via bash SSH although still not a full connection.
session <- ssh_connect("[email protected]",
+ keyfile = "id_rsa_me", verbose = 4)
ssh_connect: libssh 0.8.3 (c) 2003-2018 Aris Adamantiadis, Andreas Schneider and libssh contributors. Distributed under the LGPL, please refer to COPYING file for information about your rights, using threading threads_pthread
getai: host 123.456.789.101 matches an IP address
ssh_socket_connect: Nonblocking connection socket: 29
ssh_connect: Socket connecting, now waiting for the callbacks to work
ssh_connect: Actual timeout : 10000
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 0
ssh_socket_pollcallback: Received POLLOUT in connecting state
socket_callback_connected: Socket connection callback: 1 (0)
ssh_socket_unbuffered_write: Enabling POLLOUT for socket
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 0
ssh_socket_pollcallback: Poll callback on socket 29 (POLLIN ), out buffer 0
callback_receive_banner: Received banner: SSH-2.0-srtSSHServer_11.00
ssh_client_connection_callback: SSH server banner: SSH-2.0-srtSSHServer_11.00
ssh_analyze_banner: Analyzing banner: SSH-2.0-srtSSHServer_11.00
ssh_socket_pollcallback: Poll callback on socket 29 (POLLIN ), out buffer 0
ssh_packet_socket_callback: packet: read type 20 [len=628,padding=9,comp=618,payload=618]
ssh_packet_process: Dispatching handler for packet type 20
ssh_list_kex: kex algos: diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha512@ssh.com,diffie-hellman-group16-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
ssh_list_kex: server host key algo: ssh-rsa
ssh_list_kex: encryption client->server: aes256-cbc,3des-ctr,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,cast128-cbc
ssh_list_kex: encryption server->client: aes256-cbc,3des-ctr,twofish256-cbc,twofish-cbc,aes128-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,cast128-cbc
ssh_list_kex: mac algo client->server: hmac-sha2-512,hmac-sha2-384,hmac-sha2-256,hmac-sha2-224,hmac-md5
ssh_list_kex: mac algo server->client: hmac-sha2-512,hmac-sha2-384,hmac-sha2-256,hmac-sha2-224,hmac-md5
ssh_list_kex: compression algo client->server: none
ssh_list_kex: compression algo server->client: none
ssh_list_kex: languages client->server:
ssh_list_kex: languages server->client:
ssh_client_select_hostkeys: No supported kex method for existing key in known_hosts file
ssh_kex_select_methods: Negotiated diffie-hellman-group16-sha512,ssh-rsa,aes256-cbc,aes256-cbc,hmac-sha2-256,hmac-sha2-256,none,none,,
ssh_list_kex: kex algos: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh_list_kex: server host key algo: ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss
ssh_list_kex: encryption client->server: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
ssh_list_kex: encryption server->client: aes256-ctr,aes192-ctr,aes128-ctr,aes256-cbc,aes192-cbc,aes128-cbc,blowfish-cbc,3des-cbc
ssh_list_kex: mac algo client->server: hmac-sha2-256,hmac-sha2-512,hmac-sha1
ssh_list_kex: mac algo server->client: hmac-sha2-256,hmac-sha2-512,hmac-sha1
ssh_list_kex: compression algo client->server: none
ssh_list_kex: compression algo server->client: none
ssh_list_kex: languages client->server:
ssh_list_kex: languages server->client:
ssh_socket_unbuffered_write: Enabling POLLOUT for socket
packet_send2: packet: wrote [len=660,padding=10,comp=649,payload=649]
packet_send2: packet: wrote [len=524,padding=6,comp=517,payload=517]
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 528
ssh_socket_unbuffered_write: Enabling POLLOUT for socket
ssh_socket_pollcallback: Poll callback on socket 29 (POLLOUT ), out buffer 0
ssh_socket_pollcallback: sending control flow event
ssh_packet_socket_controlflow_callback: sending channel_write_wontblock callback
ssh_socket_pollcallback: Poll callback on socket 29 (POLLIN ), out buffer 0
ssh_packet_socket_callback: packet: read type 1 [len=36,padding=4,comp=31,payload=31]
ssh_packet_process: Dispatching handler for packet type 1
ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT 3:invalid DH value
ssh_packet_disconnect_callback: Received SSH_MSG_DISCONNECT: 3:invalid DH value
ssh_connect: current state : 9
Error: libssh failure at 'connect': Received SSH_MSG_DISCONNECT: 3:invalid DH value
This bash command gets a little further and fails for perhaps a different issue, but I include in case it is the same problem. Changed a few credentials to protect the guilty.
> IIHs-MacBook-Air:example$ scp -oHostKeyAlgorithms=+ssh-dss -i id_rsa_iih -c aes256-cbc -v -o PasswordAuthentication=no -o KbdInteractiveAuthentication=no -o ChallengeResponseAuthentication=no [email protected]:Dynamic_tracking.csv test.csv
Executing: program /usr/bin/ssh host ftp.example.dk, user ME, command scp -v -f Dynamic_tracking.csv
OpenSSH_7.8p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/ME/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to ftp.example.dk port 22.
debug1: Connection established.
debug1: identity file id_rsa_iih type -1
debug1: identity file id_rsa_iih-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.8
debug1: Remote protocol version 2.0, remote software version srtSSHServer_11.00
debug1: no match: srtSSHServer_11.00
debug1: Authenticating to ftp.example.dk:22 as 'ME'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes256-cbc MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes256-cbc MAC: hmac-sha2-256 compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:xxxxxx
debug1: Host 'ftp.example.dk' is known and matches the RSA host key.
debug1: Found key in /Users/ME/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: id_rsa_iih
debug1: Authentication succeeded (publickey).
Authenticated to ftp.myexample.dk ([123.456.789.101]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_CTYPE = en_US.UTF-8
debug1: Sending command: scp -v -f my_file.csv
exec request failed on channel 0
from ssh.
That invalid DH value
error is strange. What is the error on the server, could you turn on logging there and check? Also could you update to libssh version 0.8.6?
from ssh.
I haven't access to the server but I found a solution by its administrator that said linux can't connect to Windows via scp
, so switched to sftp
it worked. I thought SFTP used ssh
underneath it and I do have to set with the same options to get through authentication.
I guess then I was just trying to put a square peg in a round hole? Wrong tool for the job? If thats the case will close the issue, thanks for your time :)
from ssh.
Both scp
and sftp
use ssh but they are different protocols. This sounds like some problem with the windows openssh server. Closing for now unless somebody else runs into this and can provide more detailed information.
from ssh.
Related Issues (20)
- problem using scp on a complete folder tree
- Package installation onto Docker HOT 1
- SSH failing to open Known host file HOT 1
- ssh_tunnel to localhost.run
- Error when using scp_upload() & scp_download on some SFTPs
- SSH session automatically disconnects after parallel programming
- cannot scp_upload from Windows to Windows HOT 1
- cannot use wildcards with scp_download
- Problems wit large files with scp_download
- Make SSH tunnel to query a remote redshift database in R HOT 1
- switch user using sudo failing HOT 1
- ssh-agent not being found HOT 1
- Feature Request: `ssh_info()` works on disconnected sessions
- SSH_AUTH_METHOD_PASSWORD does not seem to be working
- scp_upload problem in newest verision HOT 1
- Could add function support SSH without password HOT 1
- How do I preserve the mode permission of a file with scp_upload HOT 1
- scp_upload and scp_download fail for UNC paths without permission on root directory
- Uploading large files using scp_upload() causes RStudio session crash
- Unable to connect from windows due to algorithm mismatch HOT 9
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ssh.