On Wed, 13 Nov 2013, Loganaden Velvindron wrote: > On Wed, Nov 13, 2013 at 2:05 AM, Darren Tucker <dtucker at zip.com.au> wrote: >> On Tue, Nov 12, 2013 at 4:40 PM, <mikep at noc.utoronto.ca> wrote: >> >>> Just upgraded to OpenSSH_6.4 with OpenSSL 1.0.1e and libz.so.1.2.8. >>> Now some (but not all) Cisco router logins hang: >>> >>> debug1: sending SSH2_MSG_KEXDH_INIT >>> debug1: expecting SSH2_MSG_KEXDH_REPLY >>> [hangs] >>> >> >> Suggestions in approximate order of likelihood. >> - the additional KexAlgorithms exceed some static buffer in the Cisco. >> Try: >> "KexAlgorithms diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" >> - you have some kind of path MTU problem and the extra traffic from the >> additional algorithms pushes you past some packet boundary. Check the >> "send-q" column on client and the equivalent on the server and see if >> they're non-zero and non-decreasing). > > Shouldn't Mike open a ticket at CISCO so that they start fixing the > software on their side as well ? Sorry to have taken so long to get back to you about this - your suggestion about "KexAlgorithms" caused me to test a lot of combinations to find what will work. It turns out the Cisco SSH server only supports a limited set of ciphers (this is documented sort-of by Cisco, and is displayed when you try to force a non-supported cipher). This in turn seems to limit the key exchange mechanisms that will work. Forcing a cipher with '-c' also appears to force something in the Kex for OpenSSH; I can't find anything about Kex in any Cisco docs. I have created a special section of the 'ssh_config' file for those devices with these options, and all seems to be working fine: Ciphers aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchan ge-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 Thank you for the help! >>> Originally I had 'Cipher blowfish' set in '/etc/ssh/ssh_config', but >>> removing that makes no difference. >> >> That's because Cipher affects only Protocol 1 (which was some time in the >> past the only version at least some Cisco devices spoke). >> >>> However, forcing '-c 3des' does >>> allow it to work (even though '3des' is supposed to be the default): >> >> 3des is the default Cipher Protocol 1. Protocol 2 takes a list (Ciphers) >> and its default is >> >> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, >> aes128-gcm at openssh.com,aes256-gcm at openssh.com, >> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, >> aes256-cbc,arcfour >> >> the -c option overrides both. >> >> -- >> Darren Tucker (dtucker at zip.com.au) >> GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 >> Good judgement comes with experience. Unfortunately, the experience >> usually comes from bad judgement. >> _______________________________________________ >> openssh-unix-dev mailing list >> openssh-unix-dev at mindrot.org >> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev Mike -- Mike Peterson Information Security Analyst - Audit E-mail: mikep at noc.utoronto.ca WWW: http://www.noc.utoronto.ca/ Tel: 416-978-5230 Fax: 416-978-6620
