key exhange negotiation failed though client and server share some protocols

[rockmenjack]

Gitea Version

1.15.3

Git Version

2.33.0

Operating System

CentOS 7

How are you running Gitea?

After a openssh client upgrade, push to gitea

Database

SQLite

Can you reproduce the bug on the Gitea demo site?

No

Log Gist

No response

Description

using built-in SSH server with below config:

[server]
SSH_SERVER_CIPHERS      = aes128-ctr aes192-ctr aes256-ctr aes128-gcm@openssh.com arcfour256 arcfour128
SSH_SERVER_KEY_EXCHANGES = curve25519-sha256 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 curve25519-sha256@libssh.org ssh-rsa

both client and server have common algorithm, but report no common algorithm for key exchange

2021/09/29 10:46:19 modules/ssh/ssh.go:259:sshConnectionFailed() [W] Failed connection from 10.118.13.125:50358 with error: ssh: no common algorithm for key exchange; 
client offered: [curve25519-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group-exchange-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 ext-info-c], 
server offered: [curve25519-sha256 diffie-hellman-group1-sha1 diffie-hellman-group14-sha1 ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 curve25519-sha256@libssh.org]

Screenshots

No response

[6543]

@rockmenjack 1.5.3 is quite old - we can not hunt down the issue on this version - its ancient

please upgrade to latest stable 1.15.3

[rockmenjack]

@rockmenjack 1.5.3 is quite old - we can not hunt down the issue on this version - its ancient

please upgrade to latest stable 1.15.3

Oh, that was a typo, I was supposed to mean 1.15.3

[6543]

can reproduce on main ...

[synaptiko]

I'm not sure if it's related but after the upgrade I started getting:

Unable to negotiate with XYZ port 22: no matching host key type found. Their offer: ssh-rsa
fatal: Could not read from remote repository.

I'm also using built-in SSH server and I didn't configure neither SSH_SERVER_KEY_EXCHANGES nor SSH_SERVER_CIPHERS previously, so I suppose it uses defaults.

[neonmoe]

I'm having the same issue as @synaptiko above. Adding HostkeyAlgorithms ssh-rsa to my ~/.ssh/config for the host fixed the host key type problem, but my keys don't work. Seems like the internal ssh server just isn't working as it used to.

EDIT: Turns out I'm running gitea 1.14.5, so nevermind, I should probably be running the freshest code before complaining 😄 Worked around it personally by just switching to the system's ssh server instead of gitea's internal one.

[idanoo]

Looks like the same issue as here

gogs/gogs#6623

[simonvik]

Probably golang/go#37278 and it happens with openssh >= 8.8

From https://www.openssh.com/releasenotes.html :

by default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K [1]

[nougad]

Workaround is to specify SSH parameter in ~/.ssh/config:

Host mygiteahost.com
	Port 2222
	HostKeyAlgorithms +ssh-rsa
	PubkeyAcceptedAlgorithms +ssh-rsa
	User gitea

[dogtopus]

Apparently ssh-rsa host key algorithm (and apparently also the signature algorithm) was declared deprecation a year ago and it finally has an effect.

Also to add insult to injury, it seems like gitea's internal ssh server is hard-coded to only generate ssh-rsa keys so I can't easily force it into rsa-sha2-* or other key types/algorithms, and the easiest workaround seems to be enabling ssh-rsa back as @nougad suggested.

[Poyoman39]

Found some informations here : https://dev.to/cloudx/why-openssh-8-8-cannot-find-a-host-key-type-if-ssh-rsa-is-provided-49i