Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Are we running light with overbyte?

computers / comp.sys.ibm.as400.misc / Re: SFTP client failing on 7.4

SubjectAuthor
* SFTP client failing on 7.4John McCann
`* Re: SFTP client failing on 7.4Grant Taylor
 `* Re: SFTP client failing on 7.4John McCann
  `- Re: SFTP client failing on 7.4Grant Taylor

1
SFTP client failing on 7.4

<355eda93-4494-482c-ba2c-7ee9ef8c6902n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=47&group=comp.sys.ibm.as400.misc#47

  copy link   Newsgroups: comp.sys.ibm.as400.misc
X-Received: by 2002:ad4:5be3:0:b0:461:d09e:115d with SMTP id k3-20020ad45be3000000b00461d09e115dmr33649972qvc.37.1653646904826;
Fri, 27 May 2022 03:21:44 -0700 (PDT)
X-Received: by 2002:a05:6214:cad:b0:462:41f4:b269 with SMTP id
s13-20020a0562140cad00b0046241f4b269mr20253986qvs.63.1653646904717; Fri, 27
May 2022 03:21:44 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.sys.ibm.as400.misc
Date: Fri, 27 May 2022 03:21:44 -0700 (PDT)
Injection-Info: google-groups.googlegroups.com; posting-host=195.102.184.200; posting-account=VvmP5AoAAADulkudbUCIOsPdK9nwQOjo
NNTP-Posting-Host: 195.102.184.200
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <355eda93-4494-482c-ba2c-7ee9ef8c6902n@googlegroups.com>
Subject: SFTP client failing on 7.4
From: john_j_m...@yahoo.co.uk (John McCann)
Injection-Date: Fri, 27 May 2022 10:21:44 +0000
Content-Type: text/plain; charset="UTF-8"
 by: John McCann - Fri, 27 May 2022 10:21 UTC

Hi

We recently upgraded to a new power 9 box running 7.4, and SFTP client to a customer( we do not run the server) now fails with;

debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: rsa-sha2-512
Unable to negotiate with nnn.nn.nnn.nn port 22: no matching cipher found. Their offer: aes256-cbc,aes128-cbc,blowfish-cbc,3des-cbc,cast128-cbc

We are just using password authentication, which still works fine on our old power 8 box on 7.2.

We have implemented older protocols and ciphers using system values QSSLCSL, QSSLCSLCTL, QSSLPCL , and TLSCONFIG (in SST)

Has anyone come across this before, or has any idea where I might look next.

Re: SFTP client failing on 7.4

<t6r1aa$ma3$1@tncsrv09.home.tnetconsulting.net>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=48&group=comp.sys.ibm.as400.misc#48

  copy link   Newsgroups: comp.sys.ibm.as400.misc
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!feed1.usenet.blueworldhosting.com!tncsrv06.tnetconsulting.net!tncsrv09.home.tnetconsulting.net!.POSTED.alpha.home.tnetconsulting.net!not-for-mail
From: gtay...@tnetconsulting.net (Grant Taylor)
Newsgroups: comp.sys.ibm.as400.misc
Subject: Re: SFTP client failing on 7.4
Date: Fri, 27 May 2022 11:21:26 -0600
Organization: TNet Consulting
Message-ID: <t6r1aa$ma3$1@tncsrv09.home.tnetconsulting.net>
References: <355eda93-4494-482c-ba2c-7ee9ef8c6902n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 27 May 2022 17:21:14 -0000 (UTC)
Injection-Info: tncsrv09.home.tnetconsulting.net; posting-host="alpha.home.tnetconsulting.net:198.18.18.251";
logging-data="22851"; mail-complaints-to="newsmaster@tnetconsulting.net"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
In-Reply-To: <355eda93-4494-482c-ba2c-7ee9ef8c6902n@googlegroups.com>
Content-Language: en-US
 by: Grant Taylor - Fri, 27 May 2022 17:21 UTC

On 5/27/22 4:21 AM, John McCann wrote:
> Hi

Hi,

> We recently upgraded to a new power 9 box running 7.4, and SFTP client
> to a customer( we do not run the server) now fails with;

....

> Has anyone come across this before, or has any idea where I might
> look next.

I've run into something very similar on other platforms.

Take a look at this and see if it helps you as it helped me.

Link - OpenSSH: Legacy Options
- https://www.openssh.com/legacy.html

In short, the OpenSSH developers have disabled support for some older
encryption algorithms and key exchange algorithms _by_ _default_. Thus
far they are still there and can be re-enabled.

I've used both command line and client configuration file variants of
these options on different systems as the need arises.

--
Grant. . . .
unix || die

Re: SFTP client failing on 7.4

<09fd16c4-1eae-4ac4-9b16-dc4ccdb12d77n@googlegroups.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=49&group=comp.sys.ibm.as400.misc#49

  copy link   Newsgroups: comp.sys.ibm.as400.misc
X-Received: by 2002:adf:f183:0:b0:219:f099:1718 with SMTP id h3-20020adff183000000b00219f0991718mr5048848wro.73.1655389799444;
Thu, 16 Jun 2022 07:29:59 -0700 (PDT)
X-Received: by 2002:a05:620a:2844:b0:680:d4a4:ced8 with SMTP id
h4-20020a05620a284400b00680d4a4ced8mr3551980qkp.290.1655389798974; Thu, 16
Jun 2022 07:29:58 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!proxad.net!feeder1-2.proxad.net!209.85.128.87.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.sys.ibm.as400.misc
Date: Thu, 16 Jun 2022 07:29:58 -0700 (PDT)
In-Reply-To: <t6r1aa$ma3$1@tncsrv09.home.tnetconsulting.net>
Injection-Info: google-groups.googlegroups.com; posting-host=94.3.215.159; posting-account=VvmP5AoAAADulkudbUCIOsPdK9nwQOjo
NNTP-Posting-Host: 94.3.215.159
References: <355eda93-4494-482c-ba2c-7ee9ef8c6902n@googlegroups.com> <t6r1aa$ma3$1@tncsrv09.home.tnetconsulting.net>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <09fd16c4-1eae-4ac4-9b16-dc4ccdb12d77n@googlegroups.com>
Subject: Re: SFTP client failing on 7.4
From: john_j_m...@yahoo.co.uk (John McCann)
Injection-Date: Thu, 16 Jun 2022 14:29:59 +0000
Content-Type: text/plain; charset="UTF-8"
 by: John McCann - Thu, 16 Jun 2022 14:29 UTC

On Friday, May 27, 2022 at 6:21:17 PM UTC+1, Grant Taylor wrote:
> On 5/27/22 4:21 AM, John McCann wrote:
> > Hi
>
> Hi,
> > We recently upgraded to a new power 9 box running 7.4, and SFTP client
> > to a customer( we do not run the server) now fails with;
> ...
> > Has anyone come across this before, or has any idea where I might
> > look next.
> I've run into something very similar on other platforms.
>
> Take a look at this and see if it helps you as it helped me.
>
> Link - OpenSSH: Legacy Options
> - https://www.openssh.com/legacy.html
>
> In short, the OpenSSH developers have disabled support for some older
> encryption algorithms and key exchange algorithms _by_ _default_. Thus
> far they are still there and can be re-enabled.
>
> I've used both command line and client configuration file variants of
> these options on different systems as the need arises.
>
>
>
> --
> Grant. . . .
> unix || die

Thanks Grant.

Re: SFTP client failing on 7.4

<t8gt4u$t7p$2@tncsrv09.home.tnetconsulting.net>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=50&group=comp.sys.ibm.as400.misc#50

  copy link   Newsgroups: comp.sys.ibm.as400.misc
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!feed1.usenet.blueworldhosting.com!tncsrv06.tnetconsulting.net!tncsrv09.home.tnetconsulting.net!.POSTED.alpha.home.tnetconsulting.net!not-for-mail
From: gtay...@tnetconsulting.net (Grant Taylor)
Newsgroups: comp.sys.ibm.as400.misc
Subject: Re: SFTP client failing on 7.4
Date: Thu, 16 Jun 2022 21:41:37 -0600
Organization: TNet Consulting
Message-ID: <t8gt4u$t7p$2@tncsrv09.home.tnetconsulting.net>
References: <355eda93-4494-482c-ba2c-7ee9ef8c6902n@googlegroups.com>
<t6r1aa$ma3$1@tncsrv09.home.tnetconsulting.net>
<09fd16c4-1eae-4ac4-9b16-dc4ccdb12d77n@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 17 Jun 2022 03:41:18 -0000 (UTC)
Injection-Info: tncsrv09.home.tnetconsulting.net; posting-host="alpha.home.tnetconsulting.net:198.18.18.251";
logging-data="29945"; mail-complaints-to="newsmaster@tnetconsulting.net"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
In-Reply-To: <09fd16c4-1eae-4ac4-9b16-dc4ccdb12d77n@googlegroups.com>
Content-Language: en-US
 by: Grant Taylor - Fri, 17 Jun 2022 03:41 UTC

On 6/16/22 8:29 AM, John McCann wrote:
> Thanks Grant.

You're welcome.

I am curious if the OpenSSH - Legacy Options was germane for you on -- I
presume -- IBM i or not.

--
Grant. . . .
unix || die

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor