[
https://issues.apache.org/jira/browse/GUACAMOLE-1619?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kenneth D'hoe updated GUACAMOLE-1619:
-------------------------------------
Description:
Not able to SSH to ubuntu 22.04 LTS host from latest dockerized guacamole.
On the remote server i receive the error: Unable to negotiate with xx.xx.xx.xx
port 44138: no matching host key type found. Their offer: ssh-rsa,ssh-dss
[preauth]
SSH Version on remote host: user@hostname:~# ssh -V
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
Looks like guacamole is not able to use newer key algorithms ?
Debug Log:
{code:java}
Jun 3 09:36:49 srv-capp2 sshd[1053815]: debug1: Forked child 1054212.
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Set /proc/self/oom_score_adj
to 0
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: rexec start in 5 out 5 newsock
5 pipe 7 sock 8
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: inetd sockets after dupping:
4, 4
Jun 3 09:36:49 srv-capp2 sshd[1054212]: Connection from 172.23.0.2 port 44142
on 172.31.15.16 port 22 rdomain ""
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Local version string
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Remote protocol version 2.0,
remote software version libssh2_1.8.0
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: compat_banner: no match:
libssh2_1.8.0
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: permanently_set_uid: 106/65534
[preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: list_hostkey_types:
rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: SSH2_MSG_KEXINIT received
[preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: kex: algorithm:
diffie-hellman-group-exchange-sha256 [preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: kex: host key algorithm: (no
match) [preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: Unable to negotiate with 172.23.0.2
port 44142: no matching host key type found. Their offer: ssh-rsa,ssh-dss
[preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: do_cleanup [preauth]
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: monitor_read_log: child log fd
closed
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: do_cleanup
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Killing privsep child 1054213
Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: audit_event: unhandled event
12 {code}
was:
Not able to SSH to ubuntu 22.04 LTS host from latest dockerized guacamole.
On the remote server i receive the error: Unable to negotiate with xx.xx.xx.xx
port 44138: no matching host key type found. Their offer: ssh-rsa,ssh-dss
[preauth]
SSH Version on remote host: user@hostname:~# ssh -V
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
Looks like guacamole is not able to use newer key algorithms ?
> Ubuntu LTS 22.04 SSH - Guacamole
> --------------------------------
>
> Key: GUACAMOLE-1619
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1619
> Project: Guacamole
> Issue Type: Bug
> Components: guacamole
> Affects Versions: 1.4.0
> Environment: Ubuntu LTS 22.04 / Docker with latest guacamole image
> Reporter: Kenneth D'hoe
> Priority: Major
>
> Not able to SSH to ubuntu 22.04 LTS host from latest dockerized guacamole.
> On the remote server i receive the error: Unable to negotiate with
> xx.xx.xx.xx port 44138: no matching host key type found. Their offer:
> ssh-rsa,ssh-dss [preauth]
> SSH Version on remote host: user@hostname:~# ssh -V
> OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
> Looks like guacamole is not able to use newer key algorithms ?
>
> Debug Log:
> {code:java}
> Jun 3 09:36:49 srv-capp2 sshd[1053815]: debug1: Forked child 1054212.
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Set /proc/self/oom_score_adj
> to 0
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: rexec start in 5 out 5
> newsock 5 pipe 7 sock 8
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: inetd sockets after dupping:
> 4, 4
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: Connection from 172.23.0.2 port
> 44142 on 172.31.15.16 port 22 rdomain ""
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Local version string
> SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Remote protocol version 2.0,
> remote software version libssh2_1.8.0
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: compat_banner: no match:
> libssh2_1.8.0
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: permanently_set_uid:
> 106/65534 [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: list_hostkey_types:
> rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: SSH2_MSG_KEXINIT sent
> [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: SSH2_MSG_KEXINIT received
> [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: kex: algorithm:
> diffie-hellman-group-exchange-sha256 [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: kex: host key algorithm: (no
> match) [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: Unable to negotiate with 172.23.0.2
> port 44142: no matching host key type found. Their offer: ssh-rsa,ssh-dss
> [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: do_cleanup [preauth]
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: monitor_read_log: child log
> fd closed
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: do_cleanup
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: Killing privsep child 1054213
> Jun 3 09:36:49 srv-capp2 sshd[1054212]: debug1: audit_event: unhandled event
> 12 {code}
--
This message was sent by Atlassian Jira
(v8.20.7#820007)
