Options

SSH Cipher Error for Linux Red Hat

JockVSJockJockVSJock Member Posts: 1,118
in Off-Topic
So I'm trying to use PuTTY (v0.5icon_cool.gif on Win 7 to get to a Linux Red Hat Enterprise 5.10

PuTTY is throwing the following error:
PuTTY Fatal Error

Couldn't agree a client-to-server cipher (available: aes 128-ctr, aes192-ctr,aes256-ctr)

My /etc/hosts.allow file has my computer IP address in the file

ALL: 143.83.221.108

Under /etc/ssh/ssh_config I have the following entry under Host *

Ciphers aes128-ctr, aes192-ctr, aes256-ctr

And under /etc/sysconfig the iptables has the following entry for my computer

-A INPUT -s 143.83.221.108 -p tcp -m tcp --dport 22 -j ACCEPT

I can successfully ping, traceroute and log in via termainl from VMWare vSphere all ok, so I can reach the box...

I'm not sure what I am missing or what I need to be successful in using PuTTY from my Windows desktop to the Red Hat Linux box.

thanks
***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown
· Share on FacebookShare on Twitter

Comments

  • Options
    darkerosxxdarkerosxx Banned Posts: 1,343
    Check your server settings in sshd_config.
    · Share on FacebookShare on Twitter
  • Options
    JockVSJockJockVSJock Member Posts: 1,118
    I check under /etc/ssh/sshd_config and have the following listed:
    #ListenAddress:: 
MACS hmac-sha1 
Ciphers aes128-ctr,aes192-ctr,aes256-ctr

    Checked the rest of the file and I don't see anything that really stands out or would point to the issue...
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
    · Share on FacebookShare on Twitter
  • Options
    darkerosxxdarkerosxx Banned Posts: 1,343
    Ahh, I thought you meant the other ssh_config earlier. I haven't seen this before. Try playing around with your putty settings and flipping a few switches, see if anything gets it to work.
    · Share on FacebookShare on Twitter
  • Options
    NightShade03NightShade03 Member Posts: 1,383 ■■■■■■■□□□
    You are a few version behind on PuTTy...the current version 0.63. I would try updating your putty client and then attempt to reconnect.
    Modular Learning - Learn Something New

    SE Notebook
    · Share on FacebookShare on Twitter
  • Options
    JockVSJockJockVSJock Member Posts: 1,118
    Good point.

    I will have to talk to my manager and info sec manager and see if I can upgrade PuTTY.
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
    · Share on FacebookShare on Twitter
  • Options
    JockVSJockJockVSJock Member Posts: 1,118
    Haven't upgraded PuTTY yet.

    We tested a few of the ip addresses that I can't get to from my desktop, and my co-worker can get to them ok without the cert error.

    Could this be a Certificate error?

    If so, I'm not sure how to proceed with this. Other then pulling them up on the Windows 7 box (Start > Run > MMC > Add/Remove Snap-In >Certs)
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
    · Share on FacebookShare on Twitter
  • Options
    MitechniqMitechniq Member Posts: 286 ■■■■□□□□□□
    Oh no, using Putty 5.0 will never work and I hope this is not installed on a DOD network (don't answer that)... It is not until 5.9 where the CTR layer encryption mode was available to Putty....like the previous people have said...'UPDATE' and that should fix your issue...
    · Share on FacebookShare on Twitter
  • Options
    JockVSJockJockVSJock Member Posts: 1,118
    Mitechniq wrote: »
    Oh no, using Putty 5.0 will never work and I hope this is not installed on a DOD network (don't answer that)... It is not until 5.9 where the CTR layer encryption mode was available to Putty....like the previous people have said...'UPDATE' and that should fix your issue...

    The STIG that I found shows that v6.0 is allowed, the only issue now is finding the software. I've got the desktop team looking for it.
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
    · Share on FacebookShare on Twitter
  • Options
    MitechniqMitechniq Member Posts: 286 ■■■■□□□□□□
    That is the last Version (6.0) we used before we went to SecureCRT, I still have a copy of it if needed. Just PM me and I can send it to you through Army 'Safe Access File Exchange'...
    · Share on FacebookShare on Twitter
  • Options
    JockVSJockJockVSJock Member Posts: 1,118
    Mitechniq wrote: »
    That is the last Version (6.0) we used before we went to SecureCRT, I still have a copy of it if needed. Just PM me and I can send it to you through Army 'Safe Access File Exchange'...

    PM sent.

    Thanks in advance.
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
    · Share on FacebookShare on Twitter
  • Options
    JockVSJockJockVSJock Member Posts: 1,118
    Upgrading PuTTY from v5.8 to v6 solved the issue.

    thanks
    ***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)

    "Its easier to deceive the masses then to convince the masses that they have been deceived."
    -unknown
    · Share on FacebookShare on Twitter
Sign In or Register to comment.