[X2Go-Dev] Bug#1373: Bug#1373: kex error : no match for method mac algo

Antenore Gatta antenore at simbiosi.org
Mon Feb 18 10:24:41 CET 2019 

Hi Daniel,

I'm just a reader, but X2GO uses libssh, that support the Kex you are
using, so first of all, you have to install an updated version of libssh
and eventually check if it has been compiled with the support of these
algorithms.

Normally, I think, on the X2GO side there is nothing more to do.

Have a look here:

https://www.libssh.org/features/


On Mon, 18 Feb 2019 11:07:37 +0200
Danie de Jager <danie.dejager at striata.com> wrote:

> Package: client
> 
> The client does not support chacha20 as I get this error when I try to
> connect to the X2Go server. I did harden my SSH configuration as
> guided by Mozzila
> https://infosec.mozilla.org/guidelines/openssh
> 
> When I use defaults it works fine. It seems that the library used by
> X2Go is missing some newer methods.
> 
> Config:
> server ssh config:
> KexAlgorithms curve25519-sha256 at libssh.org
> ,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
> Ciphers chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,
> aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
> MACs hmac-sha2-512-etm at openssh.com,hmac-sha2-256-etm at openssh.com,
> umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128 at openssh.com
> 
> Client sshd config:
> Client using default sshd config
> 
> or
> 
> HashKnownHosts yes
> HostKeyAlgorithms ssh-ed25519-cert-v01 at openssh.com,
> ssh-rsa-cert-v01 at openssh.com,ssh-ed25519,ssh-rsa,
> ecdsa-sha2-nistp521-cert-v01 at openssh.com,
> ecdsa-sha2-nistp384-cert-v01 at openssh.com,
> ecdsa-sha2-nistp256-cert-v01 at openssh.com
> ,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256
> KexAlgorithms curve25519-sha256 at libssh.org
> ,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256
> MACs hmac-sha2-512-etm at openssh.com,hmac-sha2-256-etm at openssh.com,
> umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128 at openssh.com
> Ciphers chacha20-poly1305 at openssh.com,aes256-gcm at openssh.com,
> aes128-gcm at openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
> 
> Error:
> "kex error : no match for method mac algo client->server: server [
> hmac-sha2-512-etm at openssh.com,hmac-sha2-256-etm at openssh.com,
> umac-128-etm at openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128 at openssh.com],
> client [hmac-sha1]"
> 
> or sometimes
> 
> "crypt_set_algorithms2: no crypto algorithm function found for
> chacha20-poly1305 at openssh.com"
> 
> Let me know if I can provide more information.
> 
> Regards,
> *Danie de Jager*

More information about the x2go-dev mailing list