Bug #8677
Can't ssh to git.tails.boum.org from Tails
Start date:
2015-01-11
Due date:
% Done:
0%
Description
Since today I can’t SSH to git.tails.boum.org anymore from Tails:
$ ssh -v tails@git.tails.boum.org
OpenSSH_6.0p1 Debian-4+deb7u2, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/amnesia/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 4: Applying options for *
debug1: Executing proxy command: exec /usr/local/bin/connect-socks git.tails.boum.org 22
debug1: identity file /home/amnesia/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/amnesia/.ssh/id_rsa-cert type -1
debug1: identity file /home/amnesia/.ssh/id_dsa type -1
debug1: identity file /home/amnesia/.ssh/id_dsa-cert type -1
debug1: identity file /home/amnesia/.ssh/id_ecdsa type -1
debug1: identity file /home/amnesia/.ssh/id_ecdsa-cert type -1
debug1: permanently_drop_suid: 1000
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
no matching mac found: client hmac-sha1,hmac-md5,hmac-ripemd160 server hmac-sha2-512,hmac-sha2-256
This is on immerda, right? Did you change the crypto suites on that server yourself? Shall I contact them directly instead?
Subtasks
Related issues
Related to Tails - |
Resolved | 2014-05-27 |
History
#1 Updated by intrigeri 2015-01-11 12:58:05
> This is on immerda, right?
Yes.
> Did you change the crypto suites on that server yourself?
No, we don’t manage the SSH server there, only our Gitolite instance.
> Shall I contact them directly instead?
Yes.
#2 Updated by BitingBird 2015-01-11 19:44:50
- related to
Feature #7315: Remove custom SSH ciphers, MACs and HostKeyAlgorithms settings added
#3 Updated by BitingBird 2015-01-11 19:45:50
It probably has to do with Feature #7315, since plenty of people might be trying to secure ssh better after learning that it might sometimes be broken.
#4 Updated by sajolida 2015-01-13 16:48:18
- Status changed from New to Resolved
- Assignee deleted (
bertagaz) - QA Check deleted (
Info Needed)
It’s working fine again today, they probably rolled back their changes.