https://bugzilla.mindrot.org/show_bug.cgi?id=2991
--- Comment #8 from Darren Tucker <[email protected]> --- (In reply to Karthik Adiga from comment #7) > Thanks Darren. > > Tried with the configurations you provided. Its still not working in > my case. did you restart sshd after making the config change? > As you said key exchange fails if client doesn't supports the > algorithm yes. > (here in this case hmac-sha1). no. We can tell from the log of the failing connection that both sides support hmac-sha1: debug2: mac_setup: found hmac-sha1 debug1: kex: server->client aes128-ctr hmac-sha1 none debug2: mac_setup: found hmac-sha1 debug1: kex: client->server aes128-ctr hmac-sha1 none > So failed right? Is that mean 7.9p1 is not compatible with 5.3p1? It should work. I built a 5.3p1 client and was able to connect to a 7.9p1 server with the default config. I then forced the server to support only ssh-dss ("HostKeyAlgorithms ssh-dss") and got the same error you did. > Or is there any other configurations to add or modify. > > Please suggest. Thank you once again. I suggest: - make sure you are editing the right sshd_config. A self-built one will by default use /usr/local/etc/sshd_config/ - make sure sshd has been restarted with config changes in comment#5. If that doesn't work, please attach: - a client debug log with the suggested config changes. - a server debug log (eg "/path/to/sshd -ddde -p 2222" then connect with "ssh -p 2222") - a copy of the server's config file. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
