On 29.01.2016 06:13 PM, KARL A. WOELFER wrote:

Mihai -

Your tip was spot - on. Everything looks to be working now, thank you so much for the troubleshooting. Thanks to everyone for their support.

As a general piece of advise: all lines in sshd_config (and ssh_config) are key-value pairs. If you don't specify a value for a key, sshd will either error out while parsing its config file during startup or assume an empty value for the key. Then, it will definitely error out while parsing the next line because it found an unknown key.

Note that libssh versions from 0.5.3 onwards also support the group14-sha1 key exchange algorithm. Debian Wheezy is shipping 0.5.4, so that would be covered. Unless you need even older client to connect to the server (for instance Ubuntu Precise), I suggest removing "diffie-hellman-group1-sha1" from the KexAlgorithms key again, because "diffie-hellman-group14-sha1" - which is also in the list - should be enough to let X2Go Client (via libssh) connect to the server.

Try setting KexAlgorithms to (I'll only post the value here, hope you can deduce the full line in sshd_config from my previous explanation -- and make sure that it's one line only, i.e., just copy-pasting from my mail may split it onto several lines):

curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

Restart sshd and see if X2Go Client can connect.

If it does not, try this:

curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

Restart sshd, X2Go Client connect.

If it still does not, you'll need to use the original value, i.e.:

curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1

Mihai