enable diffie-hellman-group1-sha1 on Jessie

Discussion in 'Installation/Configuration' started by aldo, Aug 10, 2015.

  1. aldo

    aldo Member HowtoForge Supporter

    It seems that in Debian 8 (OpenSSH 6.7), diffie-Hellman-group1-sha1 is disabled by default.
    A client that connects via SSH receive the error:
    I tried adding
    Code:
    KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
    to sshd_config but the problem persists.

    Any help is welcome.
    Thanks.
     
    aldo, Aug 10, 2015
    #1
  2. Ovidiu

    Ovidiu Active Member

    Same question here, anyone?
     
    Ovidiu, Nov 24, 2015
    #2
  3. CrypticDesigns

    CrypticDesigns Member

    This can be caused becuase in some Linux distributions, /etc/ssh/sshd_conf is missing the KexAlgorithms and Cipher fields to describe which methods are supported by the SSH daemon. Please try to add this inside the conf:
    Code:
    KexAlgorithms diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
Ciphers 3des-cbc,blowfish-cbc,aes128-cbc,aes128-ctr,aes256-ctr
    After saving, regenerate the keys:
    Code:
    "ssh-keygen -A"
    Then restart SSH service.
    Give me an output if this will work
     
    Last edited: Dec 10, 2015
    CrypticDesigns, Dec 4, 2015
    #3
    aldo and Ovidiu like this.
  4. alkool

    alkool New Member

    It works, after a restart of the sshd. Thanks!

    P.S. I made an account here just to let you know.
     
    alkool, Dec 10, 2015
    #4
  5. CrypticDesigns

    CrypticDesigns Member

    Great to know! Tell me if you need any more help.
     
    CrypticDesigns, Dec 10, 2015
    #5

Share This Page