Hi, thanks for taking the time to file a bug. The three ciphers you listed, aes128-cbc, 3des-cbc, and des-cbc, I believe are not considered secure anymore. While your SSH client can use them, it may not offer them without explicitly saying you wish to use them as you have discovered.
It may be possible to use `ssh -vv ...` to produce some additional debug output and may show what ciphers were offered. As such I do not think this is actually a bug in Ubuntu and will mark it incomplete. If you disagree or have additional information please feel free to add it to this bug. Thanks again! ** Changed in: openssh (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1771359 Title: No matching cipher found even if client and server have matching cipher Status in openssh package in Ubuntu: Incomplete Bug description: Since Bionic upgrade (from Artful) I encounter problem to call HP switch with SSH. After the upgrade, trying to ssh some switch give me this message : $ ssh 192.168.0.1 Unable to negotiate with 192.168.0.1 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,des-cbc So, I look for supported cipher : $ ssh -Q cipher 3des-cbc aes128-cbc aes192-cbc aes256-cbc rijndael-...@lysator.liu.se aes128-ctr aes192-ctr aes256-ctr aes128-...@openssh.com aes256-...@openssh.com chacha20-poly1...@openssh.com I see that aes128-cbc seem both supported. So I try... : $ ssh -c aes128-cbc 192.168.0.1 ...and It's work ! Workaround : I've added “ciphers aes128-cbc” to ~/.ssh/config file for each switch I manage. The ssh-client should detect automatically the good cipher ? No ? Thank you for your attention. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: openssh-client 1:7.6p1-4 ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17 Uname: Linux 4.15.0-20-generic x86_64 ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 CurrentDesktop: GNOME Date: Tue May 15 15:39:00 2018 EcryptfsInUse: Yes ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR=<set> LANG=fr_FR.UTF-8 SHELL=/bin/bash RelatedPackageVersions: ssh-askpass N/A libpam-ssh N/A keychain N/A ssh-askpass-gnome 1:7.6p1-4 SSHClientVersion: OpenSSH_7.6p1 Ubuntu-4, OpenSSL 1.0.2n 7 Dec 2017 SourcePackage: openssh UpgradeStatus: Upgraded to bionic on 2018-04-24 (21 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1771359/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp