Monthly Archives: juin 2015

sshd fatal: cipher & key exhange

I did some update on an old debian system and then SSH server refused to let me in.
I got the message:

sshd[19482]: fatal: no matching cipher found:

Just have a look in your /var/log/auth file and determine what cipher the client and server are using. This error message means there is no common cipher between the client and the server.

I added in /etc/ssh/sshd_config file the lines:

Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,blowfish-cbc,aes128-cbc,3des-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc

Then I got a new error message:

sshd[20362]: fatal: Unable to negotiate a key exchange method [preauth]

Just precise key exchange method by adding the following line in your /etc/ssh/sshd_config file:

KexAlgorithms=curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1