Talking to older hosts with SSH

18th May 2019

Running through older CTFs (or horrifingly, while onsite), there comes a need to actually get an SSH connection, rather than be fobbed off with "Unable to negotiate..."

The two main issues I've encountered with older systems so far are key exchange issues ("no matching key exchange method") and cipher issues ("no matching cipher sound"). They're fairly self-explanatory, and you can hopefully fix them with a simple flag, without needing to install an older version.

PLEASE NOTE: These commands will also apply to other sections of the SSH family, including scp.

Key Exchange Issues

Initial communication with an SSH server relies on an encrypted key exchange. As it is encrypted, a common cipher must be agreed upon - for older servers, this may not be one which the client supports by default. On error, the server should respond with available ciphers. Simply list your ciphers and add it to your clients configuration. Ideally this would be for the once, but if you keep coming back to the same host you can always add it to your configuration.

The error

> ssh root@oldHost
Unable to negotiate with oldHost port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1

List your ciphers

So to fix this we want to offer a cipher suite which the server also accepts. List your available key exchange methods using the following command:

> ssh -Q kex
diffie-hellman-group1-sha1
diffie-hellman-group14-sha1
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
diffie-hellman-group-exchange-sha1
diffie-hellman-group-exchange-sha256
ecdh-sha2-nistp256
ecdh-sha2-nistp384
ecdh-sha2-nistp521
curve25519-sha256
curve25519-sha256@libssh.org
sntrup4591761x25519-sha512@tinyssh.org

The solution

Freshly armed with our knowledge of both our possible key exchange methods and those accepted by the server, we can nominate an appropriate method (or a comma separated list) and add it to our configuration for this request only by using the following command:

> ssh -oKexAlgorithms=+diffiehellman-group1-sha1

Cipher Issues

Furthermore, continued communication with the server relies on using a common cipher suite. The client and server will compare their supported cipher suites and choose something appropriate. When it works that is.

The error

Similarly, you may find the following error, where your client has no support for ciphers offered by the server, normally just after your sorted the Key Exchange Algorithm's bullshit:

> ssh oldHost
Unable to negotiate with oldHost port 22: no matching cipher found.
Their offer: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@lysator.liu.se

List your ciphers

As with the Key Exchange Algorithm, we need to nominate a matching cipher. Again, these are normally deprecated for a good reason, which is why they have been removed from the default offering. To list ciphers supported by your installation of SSH, run the following command:

> ssh -Q ciphers
3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

The solution

And with our available ciphers hopefully containing some old croaker accepted by the server, we can declare our wish to use it via:

> ssh -c aes128-cbc root@oldHost