subject:"\[Wireshark\-bugs\] \[Bug 16700\] Wireshark connect to linux ssh server failed due to \"no match for method kex algos\""

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #16 from Guy Harris  ---
(In reply to Dario Lombardo from comment #12)
> I would add that info at compile time, not runtime.

I would add that info at compile time *and* run time:

https://code.wireshark.org/review/c/37875/

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #15 from Pascal Quantin  ---
(In reply to Gerald Combs from comment #13)
> (In reply to Pascal Quantin from comment #7)
> > I will give a try at updating the Windows version used with the vcpkg
> > version when I can (running out of time currently). Hopefully they support
> > the other algorithms but I won't be able to verify it myself so you will
> > have to test it with one of our nightly builds when ready.
> 
> The vcpkg port might be tricky from a licensing perspective. It lets you
> choose between OpenSSL and mbed TLS:
> 
> https://github.com/microsoft/vcpkg/blob/master/ports/libssh/CONTROL
> 
> OpenSSL is in the process of switching from the OpenSSL/SSLeay license
> (which isn't GPLv2 compatible) to Apache 2.0 (which isn't GPLv2 compatible).
> Some versions of mbed TLS are available under the GPL, so we could use it,
> at least in theory:
> 
> https://tls.mbed.org/download-archive

Indeed, then it means that we would need to rebuild it ourselves as we did
initially (we depend on libgcrypt instead). Not sure though if an upgrade will
unlock those new ciphers.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #14 from Chuck Craft  ---
Oops. Just my config. The wireshark binary directory is not set in PATH so that
I have to explicitly pick a version to run.
For a normal user with the PATH set properly, sshdump.exe runs fine.

Should the version be pulled from the DLL or library at run time in case
someone has monkeyed around and copied a different library in?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #13 from Gerald Combs  ---
(In reply to Pascal Quantin from comment #7)
> I will give a try at updating the Windows version used with the vcpkg
> version when I can (running out of time currently). Hopefully they support
> the other algorithms but I won't be able to verify it myself so you will
> have to test it with one of our nightly builds when ready.

The vcpkg port might be tricky from a licensing perspective. It lets you choose
between OpenSSL and mbed TLS:

https://github.com/microsoft/vcpkg/blob/master/ports/libssh/CONTROL

OpenSSL is in the process of switching from the OpenSSL/SSLeay license (which
isn't GPLv2 compatible) to Apache 2.0 (which isn't GPLv2 compatible). Some
versions of mbed TLS are available under the GPL, so we could use it, at least
in theory:

https://tls.mbed.org/download-archive

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #12 from Dario Lombardo  ---
I would add that info at compile time, not runtime.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #11 from Chuck Craft  ---
That would work on linux (not sure about Mac) but on Windows the extcap
binaries can't find the DLLs when run from the command line.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #10 from Dario Lombardo  ---
Indeed. Why do you think sshdump.html whould be appropriate? I would have said
sshdump --version instead.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #9 from Chuck Craft  ---
LIBSSH_VERSION is set in FindLIBSSH.cmake but doesn't appear to be used.

Is libssh only used by sshdump and if so then reporting libssh version in
wireshark -v output isn't appropriate?

Should the version number be in sshdump.html?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #8 from joseph.wang  ---
Sure, I can verified it. Thank you very much.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

Pascal Quantin  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |CONFIRMED

--- Comment #7 from Pascal Quantin  ---
I will give a try at updating the Windows version used with the vcpkg version
when I can (running out of time currently). Hopefully they support the other
algorithms but I won't be able to verify it myself so you will have to test it
with one of our nightly builds when ready.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #6 from joseph.wang  ---
Thank you for your reply.

Yes, this is windows package. And I tried the Ubuntu and MacOS release, both
they can work. From the sshd debug log:
The Ubuntu's Version 3.2.4 use the libssh_0.7.0;
The MacOS's Version 3.2.5 use the libssh_0.9.0;
The Windows Version 3.2.4 use the libssh-0.7.3.
Don't understand why Windows's release has this issue.

So is there a plan to fix it in next version with newer libssh ?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #5 from Pascal Quantin  ---
Note that vcpkg now provides the libssh 0.9.3, so we could use this one instead
of our own compiled one.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #4 from Pascal Quantin  ---
The Windows platform is using libshh 0.7.3.1 build with MinGW with zlib and
gcrypt support.
So are there newer versions of libssh that would support the other key exchange
alogorithms?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

Dario Lombardo  changed:

   What|Removed |Added

 CC||pas...@wireshark.org

--- Comment #3 from Dario Lombardo  ---
You are correct. If this is windows package, it is built with libssh provided
by wireshark in the build system. Pascal knows more about that windows library
and about the possibility to update it. I'm adding him.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #2 from Guy Harris  ---
(In reply to Dario Lombardo from comment #1)
> Wireshark actually uses the library installed in the system,

Assuming there *is* one installed on the system.  This is Windows, so it may be
the one that the build environment contains.  The official 3.2.5 build for
Windows has

Version 3.2.5 (v3.2.5-0-ged20ddea8138)

Copyright 1998-2020 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later
 This is free software; see the
source for copying conditions. There is NO warranty; not even for
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.12.8, with WinPcap SDK (WpdPack) 4.1.2, with GLib
2.52.3, with zlib 1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4,
with GnuTLS 3.6.3 and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos,
with MaxMind DB resolver, with nghttp2 1.39.2, with brotli, with LZ4, with
Zstandard, with Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic
updates using WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled
resampler), with SBC, with SpanDSP, with bcg729.

Running on 64-bit Windows 10 (2004), build 19041, with Intel(R) Core(TM)
i9-9980HK CPU @ 2.40GHz (with SSE4.2), with 8190 MB of physical memory, with
locale English_United States.1252, with light display mode, without HiDPI, with
Npcap version 0.9994, based on libpcap version 1.9.1, with GnuTLS 3.6.3, with
Gcrypt 1.8.3, with brotli 1.0.2, with AirPcap 4.1.3 build 3348, binary plugins
supported (19 loaded). Built using Microsoft Visual Studio 2019 (VC++ 14.26,
build 28806).

which matches (other than the system-dependent stuff such as the Windows build,
processor type, and amount of memory) what the submitter reported, so I don't
see a reason to assume he built Wireshark himself.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

--- Comment #1 from Dario Lombardo  ---
> I saw the wireshark use libssh-0.7.3, does it only supports 
> diffie-hellman-group14-sha1,diffie-hellman-group1-sha1. I google it, looks 
> like they are not safe, so is there configuration that wireshark can support 
> other KexAlgorithms ?

Wireshark actually uses the library installed in the system, that can be libssh
or libssh-gcrypt. Then it depends on how your wireshark has been compiled.
According to your version output, it looks like you have compiled it yourself,
doesn't it? In this case you have to check which ssh library you're using and
eventually upgrade it.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

Jaap Keuter  changed:

   What|Removed |Added

  Component|Translations|Extras

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-15 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

Jaap Keuter  changed:

   What|Removed |Added

 CC||lom...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

2020-07-14 Thread bugzilla-daemon

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16700

Chuck Craft  changed:

   What|Removed |Added

 CC||bubbas...@gmail.com

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

[Wireshark-bugs] [Bug 16700] Wireshark connect to linux ssh server failed due to "no match for method kex algos"

19 matches

Site Navigation

Mail list logo

Footer information