[EdLUG] ssh handshake issues in Ubuntu 22.04

[Roy]

Malcolm,

Run ssh -vvv <pihole> and look at the debug output. There is lots of it.
“Encryption exchange with host failed” means that the two ends of the link could not agree on an encryption algorithm, either for the host key verification or tater, the secure channel encryption.
This happens as encryption algorithms get depreciated and removed from time to time.

ssh may not use a depreciated encryption algorithm, even if its not been removed.

ssh -c <cipher_spec> <pihole> tells ssh to use <cipher_spec>, even if its depreciated. This requires that the ssh build includes the  <cipher_spec> cipher.

Once you look at the ssh -vvv output, you will have a list of ciphers to try.

Te long term fix is to upgrade the 'old' ssh to not use depreciated ciphers.

Regards,

Roy Bamford




  




On 10/10/2022 10:50, Malcolm Durie wrote:
> 
> I use a RaspberryPi3B+ as a pihole add blocker server on my home network running headless so access it by ssh for maintenance etc.
>
> It went well until i upgraded the OS to the latest Ubuntu Server LTS 22.04 recently. I have used Ubuntu as the server as it proved more reliable for long term use compared to Raspbian.
>
> I cannot now ssh the server from SSH apps on my ipad. I get an error “Encryption exchange with host failed”, On IOS apps and from windows pc does not always connect.
>
> On my pi4B I have run Raspberry Pi OS that is the same generation of the kernel 5.15 and Debian11 and this works ok in both the 32bit and 64 bit versions.
>
> Ssh still works ok from macos and linux devices to the ubuntu server?
>
> Is there some specific ssh update specific  to Ubuntu?
>
> I have not been able to find any documentation about this issue with ssh authentication and handshaking changes?
>
> Thanks
>
> Malcolm
>
>
>