You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@guacamole.apache.org by "Matt Baran (Jira)" <ji...@apache.org> on 2022/01/17 16:56:00 UTC
[jira] [Commented] (GUACAMOLE-1497) Guacamole 1.4.0 ssh client seems to have host key sig compatibility issues with my ssh server
[ https://issues.apache.org/jira/browse/GUACAMOLE-1497?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17477320#comment-17477320 ]
Matt Baran commented on GUACAMOLE-1497:
---------------------------------------
Experiencing the same problem here. Was not able to log into a recent build of OPNsense Firewall as they've increased security by configuring more modern host key algorithms.
> Guacamole 1.4.0 ssh client seems to have host key sig compatibility issues with my ssh server
> ---------------------------------------------------------------------------------------------
>
> Key: GUACAMOLE-1497
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1497
> Project: Guacamole
> Issue Type: Bug
> Components: SSH
> Affects Versions: 1.4.0
> Reporter: Colin Gordon
> Priority: Major
> Attachments: pcap.pcap
>
>
> Gaucamole fails to establish a connection to my piKVM via SSH.
> Guacd reports "SSH handshake failed" in the logs.
> I took a pcap and noticed that the guacamole client seems to only support two server host key algorithms: ssh-rsa and ssh-dss. The ssh server doesn't support either of those two. I infer that this is the cause of the ssh handshake failure.
> From googling around, openssh no longer supports ssh-rsa so it seems like a deprecation issue. My suggested fix would be for the guac ssh client to support additional server host key algorithms.
> PCAP attached. The client (guac) is 100.76.173.55 and the server is 100.97.86.50.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)