I am unsure what it is that makes ssh2dos so unstable for me - nobody else
has this issue?
I would like to answer Ulrich on how he can modify his Ubuntu server, but
first, a warning: These algorithms were disabled because they are obsolete
and insecure. Using a token based login, such as google-authenticator, may
be advisable if your server is public facing.
Firstly, add this to your server's /etc/ssh/sshd_config:
KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha...@libssh.org
,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
Ciphers 3des-cbc,blowfish-cbc,aes128-cbc,aes128-ctr,aes256-ctr
HostKeyAlgorithms +ssh-dss
Then, make use of the -g option - it goes BEFORE your username in ssh2dos.
You should now be able to connect.
I do not know why simply adding +diffie-hellman-group1-sha1 doesn't work,
it seems it should. Also, I was in a rush - I may be excluding some newer
options - report back if you find/add them with success.
-Dan
On Thu, Jan 26, 2017 at 9:42 PM, Karen Lewellen <klewel...@shellworld.net>
wrote:
> Hi Bill,
> While I appreciate your desire for wisdom, I feel rather sure my specific
> situation will not apply to anyone else here most likely.
> I use ssh2d386 to access at least one commercial shell, but those shell
> services are maintained by others. I am not for example accessing my own
> server.
> If the servers you desire reaching are run by other people, give me an
> example and I will try.
> If my many years of computing has taught me anything is that the word
> Personal is important for a reason.
> Kare
>
>
>
> On Thu, 26 Jan 2017, William Dudley wrote:
>
> Karen,
>>
>> If you know how to get ssh2d386 to connect to a modern openssh, as on
>> Ubuntu 16.04,
>> please share the recipe with us!
>>
>> Thanks,
>> Bill Dudley
>>
>>
>> This email is free of malware because I run Linux.
>>
>> On Thu, Jan 26, 2017 at 9:10 PM, Karen Lewellen <klewel...@shellworld.net
>> >
>> wrote:
>>
>> Well, if you have given up no point in my sharing.
>>> We use the same edition of Ubuntu, both with dreamhost who has my office,
>>> and here at shellworld.
>>> While the latter requires me to make use of a few ssh2021b options, the
>>> -g
>>> option for example, I encounter no issues.
>>> I am going to guess that things like machine speed, mine is a p3 with
>>> allot of memory, impacts your situation.
>>> nor, I would hope, your location in the world.
>>> Sorry I did not notice your post before you abandoned the effort.
>>> Kare
>>>
>>>
>>>
>>> On Fri, 27 Jan 2017, Ulrich Hansen wrote:
>>>
>>>
>>> Am 26.01.2017 um 18:19 schrieb Karen Lewellen <klewel...@shellworld.net
>>>> >:
>>>>
>>>>>
>>>>> As I am presently writing this e-mail using ssh2d386 from the ssh2dos
>>>>> package ssh2021b, perhaps I can help you troubleshoot.
>>>>>
>>>>>
>>>> Hi Karen!
>>>>
>>>> I am using the exact same program and version.
>>>>
>>>> for the record, I am not using freedos, but the ms dos 7.10 package
>>>>
>>>>> mentioned on this list.
>>>>> Still every day several times a day I connect to two different servers
>>>>> using this package.
>>>>>
>>>>>
>>>> I guess your servers still run OpenSSH in versions earlier than 6.9.
>>>>
>>>> may I ask again what your issue is presently?
>>>>
>>>>>
>>>>>
>>>> Actually I have given up on it. I spent another day trying to get it to
>>>> work, but without success.
>>>>
>>>> The problem is that I can’t connect to an Ubuntu 16.04 LTS server with
>>>> OpenSSH 7.2.
>>>>
>>>> SSH2D386 gives the message:
>>>>
>>>> Expected KEX_DH_GEX_GROUP
>>>> DH key exchange failed
>>>>
>>>> The server logs:
>>>> Jan 27 00:02:22 ubuntu-VirtualBox sshd[2651]: error: kex protocol
>>>> error: type 30 seq 1 [preauth]
>>>> Jan 27 00:02:22 ubuntu-VirtualBox sshd[2651]: error: Received
>>>> disconnect from 192.168.1.110 port 645:3: Expected KEX_DH_GEX_GRO
>>>>
>>>> As I wrote I already had problems connecting to a Debian 8 server with
>>>> OpenSSH 6.7.
>>>> But there I could fix it with these lines in /etc/ssh/sshd_config on the
>>>> server.
>>>>
>>>> Ciphers aes128-cbc
>>>> KexAlgorithms diffie-hellman-group-exchange-sha1
>>>> MACs hmac-sha1
>>>> HostKeyAlgorithms ssh-css
>>>>
>>>> But in OpenSSH 7.2 this didn’t work.
>>>>
>>>> What else did I try?
>>>>
>>>> I tried to set MTU=576 in C:\FDOS\WATTCP.CFG.
>>>>
>>>> I tried to recompile OpenSSH.
>>>> The first time with adding this line in in compat.c:
>>>> { "SSHDOS*", SSH_OLD_DHGEX },
>>>> The second time with this one:
>>>> { "SSHDOS*", SSH_BUG_NOREKEY|SSH_BUG_FIRSTKEX },
>>>>
>>>> Both were not able to let SSH2D386 connect. It worked great with other
>>>> SSH clients.
>>>>
>>>> The idea was that SSH2DOS uses code from PuTTY and there were already
>>>> several exceptions in combat.c for old PuTTY versions. The reason seems
>>>> to
>>>> be that OpenSSH implemented RFC4419 and old PuTTY versions and SSH2DOS
>>>> did
>>>> not. See [1], [2].
>>>>
>>>> I even looked at the SSH2DOS source code. But I have no experience with
>>>> OpenWatcom. I installed it but gave up, when I saw I also had to compile
>>>> the WATT32 TCP/IP stack.
>>>>
>>>> SSH2DOS uses PuTTY code, which is also Free Software. So in theory it
>>>> should be possible to replace the old PuTTY code with a more recent one.
>>>>
>>>> cheers
>>>> Ulrich
>>>>
>>>>
>>>> [1] https://forums.red-gate.com/viewtopic.php?f=198&t=78958
>>>> [2] http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/
>>>> rfc4419.html
>>>>
>>>>
>>>>
>>>> ------------------------------------------------------------
>>>> ------------------
>>>> Check out the vibrant tech community on one of the world's most
>>>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>>>> _______________________________________________
>>>> Freedos-user mailing list
>>>> Freedos-user@lists.sourceforge.net
>>>> https://lists.sourceforge.net/lists/listinfo/freedos-user
>>>>
>>>>
>>> ------------------------------------------------------------
>>> ------------------
>>> Check out the vibrant tech community on one of the world's most
>>> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
>>> _______________________________________________
>>> Freedos-user mailing list
>>> Freedos-user@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/freedos-user
>>>
>>>
>>>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> Freedos-user mailing list
> Freedos-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/freedos-user
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Freedos-user mailing list
Freedos-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-user
