[X2Go-User] kex error

Mihai Moldovan ionic at ionic.de
Fri Jan 29 18:38:08 CET 2016 

On 29.01.2016 06:13 PM, KARL A. WOELFER wrote:
> Mihai - 
> 
> Your tip was spot - on. Everything looks to be working now, thank you so much for the troubleshooting.
> Thanks to everyone for their support.

As a general piece of advise: all lines in sshd_config (and ssh_config) are
key-value pairs. If you don't specify a value for a key, sshd will either error
out while parsing its config file during startup or assume an empty value for
the key. Then, it will definitely error out while parsing the next line because
it found an unknown key.


Note that libssh versions from 0.5.3 onwards also support the group14-sha1 key
exchange algorithm. Debian Wheezy is shipping 0.5.4, so that would be covered.
Unless you need even older client to connect to the server (for instance Ubuntu
Precise), I suggest removing "diffie-hellman-group1-sha1" from the KexAlgorithms
key again, because "diffie-hellman-group14-sha1" - which is also in the list -
should be enough to let X2Go Client (via libssh) connect to the server.

Try setting KexAlgorithms to (I'll only post the value here, hope you can deduce
the full line in sshd_config from my previous explanation -- and make sure that
it's one line only, i.e., just copy-pasting from my mail may split it onto
several lines):

curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

Restart sshd and see if X2Go Client can connect.

If it does not, try this:

curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

Restart sshd, X2Go Client connect.

If it still does not, you'll need to use the original value, i.e.:

curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1



Mihai



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://lists.x2go.org/pipermail/x2go-user/attachments/20160129/1d2b6bc2/attachment.pgp>

More information about the x2go-user mailing list