Friday, July 29, 2022

[SOLVED] Error while trying to connect via SSH to remote host

Issue

I'm trying to connect to a remote host to issue a command, but I'm getting the following error message while running the code:

ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [[email protected] ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group1-sha1]panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x759836]

Here is the code that I'm using:

func (SSHClient *SSH) Connect(mode int) {
    var SSHConfig *ssh.ClientConfig
    var auth []ssh.AuthMethod

    if mode == CERT_PUBLIC_KEY_FILE {
        auth = []ssh.AuthMethod{SSHClient.readPublicKeyFile(SSHClient.Cert)}
    }

    SSHConfig = &ssh.ClientConfig{
        User:            SSHClient.User,
        Auth:            auth,
        HostKeyCallback: ssh.InsecureIgnoreHostKey(),
        Timeout:         time.Second * DEFAULT_TIMEOUT,
    }

    SSHConfig.Config.Ciphers = append(SSHConfig.Config.Ciphers, "diffie-hellman-group1-sha1")

    client, err := ssh.Dial("tcp", fmt.Sprintf("%s:%d", SSHClient.IP, SSHClient.Port), SSHConfig)

    if err != nil {
        fmt.Printf("ERROR - While trying to Dial to the host %s with error: %s", SSHClient.IP, err.Error())
        return
    }

    session, err := client.NewSession()
    if err != nil {
        fmt.Printf("ERROR - While trying to create a new session on host %s with error: %s", SSHClient.IP, err.Error())
        client.Close()
        return
    }

    SSHClient.session = session
    SSHClient.client = client
}

Any ideas on how to resolve this issue?

Thanks in advance.


Solution

The problem is.... the server is only willing to talk over diffie-hellman-group1-sha1

And:

  • golang/go issue 2903: ssh: add diffie-hellman-group1-sha1, has been closed 6 days ago
  • golang/go/issue 17230: proposal: x/crypto/ssh: support Diffie-Hellman Group Exchange from RFC 4419, is being implemented now.

So you would need for your client a fork of golang.org/x/crypto/ssh, like bored-engineer/ssh, where commit 39a91b and commit fe5e4ff does add support for diffie-hellman-group1-sha1.
Or install the latest of golang/crypto, which includes commit 57b3e21.



Answered By - VonC
Answer Checked By - David Marino (WPSolving Volunteer)
at