Description
I have to work with a very old Solaris server as a target and I am stuck on the remote debugging setup.
This is the error message that is reported in the Debug Console:
Error running gdb over ssh!
Error: Handshake failed: no matching key exchange algorithm
I am able to connect to other servers that have a more recent sshd, so I'm pretty sure the problem comes from the KEX algorithms
The Solaris server proposes the following:
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss
debug2: ciphers ctos: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: ciphers stoc: aes128-ctr,aes128-cbc,arcfour,3des-cbc,blowfish-cbc,aes192-ctr,aes192-cbc,aes256-ctr,aes256-cbc
debug2: MACs ctos: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96
From what I see in the source code of this extension, there is a dependency on ssh2 v1.6.0, so I looked what it supports there:
kex - mixed - Key exchange algorithms.
Default list (in order from most to least preferable):
- curve25519-sha256 (node v14.0.0+)
- [email protected] (node v14.0.0+)
- ecdh-sha2-nistp256
- ecdh-sha2-nistp384
- ecdh-sha2-nistp521
- diffie-hellman-group-exchange-sha256
- diffie-hellman-group14-sha256
- diffie-hellman-group15-sha512
- diffie-hellman-group16-sha512
- diffie-hellman-group17-sha512
- diffie-hellman-group18-sha512
Other supported names:
- diffie-hellman-group-exchange-sha1
- diffie-hellman-group14-sha1
- diffie-hellman-group1-sha1
I see that what the server proposes is listed under "Other supported names". I have not figured out a way to test ssh2 directly, but my assumption is that these other supported names need to be enabled somehow when the Native Debug extension opens the ssh connection?