Talking to older hosts with SSH
18th May 2019
Running through older CTFs (or horrifingly, while onsite), there comes a need to actually get an SSH connection, rather than be fobbed off with "Unable to negotiate..."
The two main issues I've encountered with older systems so far are key exchange issues ("no matching key exchange method") and cipher issues ("no matching cipher sound"). They're fairly self-explanatory, and you can hopefully fix them with a simple flag, without needing to install an older version.
PLEASE NOTE: These commands will also apply to other sections of the SSH family, including scp.
Key Exchange Issues
Initial communication with an SSH server relies on an encrypted key exchange. As it is encrypted, a common cipher must be agreed upon - for older servers, this may not be one which the client supports by default. On error, the server should respond with available ciphers. Simply list your ciphers and add it to your clients configuration. Ideally this would be for the once, but if you keep coming back to the same host you can always add it to your configuration.
> ssh root@oldHost Unable to negotiate with oldHost port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
List your ciphers
So to fix this we want to offer a cipher suite which the server also accepts. List your available key exchange methods using the following command:
> ssh -Q kex diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group-exchange-sha1 diffie-hellman-group-exchange-sha256 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 curve25519-sha256 firstname.lastname@example.org email@example.com
Freshly armed with our knowledge of both our possible key exchange methods and those accepted by the server, we can nominate an appropriate method (or a comma separated list) and add it to our configuration for this request only by using the following command:
> ssh -oKexAlgorithms=+diffiehellman-group1-sha1
Furthermore, continued communication with the server relies on using a common cipher suite. The client and server will compare their supported cipher suites and choose something appropriate. When it works that is.
Similarly, you may find the following error, where your client has no support for ciphers offered by the server, normally just after your sorted the Key Exchange Algorithm's bullshit:
> ssh oldHost Unable to negotiate with oldHost port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,firstname.lastname@example.org
List your ciphers
As with the Key Exchange Algorithm, we need to nominate a matching cipher. Again, these are normally deprecated for a good reason, which is why they have been removed from the default offering. To list ciphers supported by your installation of SSH, run the following command:
> ssh -Q ciphers 3des-cbc aes128-cbc aes192-cbc aes256-cbc email@example.com aes128-ctr aes192-ctr aes256-ctr firstname.lastname@example.org email@example.com firstname.lastname@example.org
And with our available ciphers hopefully containing some old croaker accepted by the server, we can declare our wish to use it via:
> ssh -c aes128-cbc root@oldHost