After a recent Ubuntu upgrade on my home machine, ssh attempts to it from the VirtualBox instance at work stopped working. Here’s what ssh spewed back at me:
no matching cipher found: client blowfish-cbc,arcfour server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
Impatient, I just logged in from another machine. The VM runs CentOS 5.10 so that its environment is comparable with what [used to be] present on the majority of our production servers. I’m an anti-RedHat bigot in the first place, and didn’t want to hunt down repos and upgrade my ssh.
That was not necessary. The problem was a “Ciphers” line I’d added to my ~/.ssh/config, intended to prefer (“Googallegedly”) faster encryption methods. Adding all but those that resemble email addresses seems to have fixed the issue. My “Ciphers” line now looks like this:
Host * Ciphers blowfish-cbc,arcfour,aes128-ctr,aes192-ctr,aes256-ctr
The ciphers may be defined in your system /etc/ssh/ssh_config. Check around. If you can’t find it anywhere, try this:
sudo find ~/.[a-z]* /etc -path '*ssh*' -type f | sudo xargs fgrep Cipher
Anyway, that was my fix. Right on in, easy-peasy lemon-squeezy.
Leave a Reply