[X2Go-Dev] The cygwin sshd problem [advice wanted]
Mihai Moldovan
ionic at ionic.de
Fri Apr 29 04:02:23 CEST 2016
On 28.04.2016 03:26 PM, Mike DePaulo wrote:
> For those who don't know about the issue with X2Go Client for Windows
> that is holding up its 4.0.5.1 release, upgrading cygwin sshd from
> 6.8p1-1 to 7.1p2-1 broke our folder sharing & printer sharing feature.
>
> After I added the cygwin sshd logging feature, I see this in the sshd log file:
> Unable to negotiate with 127.0.0.1: no matching host key type found. ...
> http://pastebin.com/M7CeySQ9
>
> After doing some research, it looks like this is the incompatible change:
> http://www.openssh.com/txt/release-7.0
> * Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled
> by default at run-time. These may be re-enabled using the
> instructions at http://www.openssh.com/legacy.html
>
> What I am wondering is this: Are we limiting ourselves to
> ssh-dss-cert-* keys, or is sshfs limiting us?
We're limiting ourselves here (for no good reason, as far as I can tell. It just
happen to be implemented that way.) #1003 is a request for RSA key support.
Enabling DSA when starting sshd.exe is one possible workaround, either via
command line or config file option.
I'll hook in RSA host key support at some time, but not right now and not on
master. My bugfix/osx branch already contains a lot of WiP changes regarding
sshd support as well, but isn't finished yet. Adding RSA host key support on
master would make merging way more difficult for me.
Alternatively, if the newer version doesn't fix any security issues we are
affected by, we could ship the older version for now.
Mihai
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20160429/712720a4/attachment.pgp>
More information about the x2go-dev
mailing list