cannot connect to Dropbear SSH server
Thank you for your reporting.
If LogLevel in TTSSH section is set to 100, TTSSH outputs log to TTSSH.LOG file.
You can see software versions of each side, and algorithm proposals of each side.
Thanks,
not really sure how to upload file ... fortunately it's not too big
2022-03-18 13:26:13.999Z [19376] --------------------------------------------------------------------- 2022-03-18 13:26:14.003Z [19376] Initiating SSH session 2022-03-18 13:26:14.027Z [19376] Received server identification string: SSH-2.0-dropbear_2020.80 2022-03-18 13:26:14.031Z [19376] Sent client identification string: SSH-2.0-TTSSH/2.92 Win32 2022-03-18 13:26:14.038Z [19376] CRYPT_set_random_data: RAND_bytes call 2022-03-18 13:26:14.042Z [19376] client proposal: KEX algorithm: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group18-sha512,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 2022-03-18 13:26:14.047Z [19376] client proposal: server host key algorithm: ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa,ssh-dss 2022-03-18 13:26:14.051Z [19376] client proposal: encryption algorithm client to server: aes256-gcm@openssh.com,aes128-gcm@openssh.com,camellia256-ctr,aes256-ctr,camellia256-cbc,aes256-cbc,camellia192-ctr,aes192-ctr,camellia192-cbc,aes192-cbc,camellia128-ctr,aes128-ctr,camellia128-cbc,aes128-cbc,3des-ctr,3des-cbc,blowfish-ctr,blowfish-cbc,cast128-ctr,cast128-cbc,chacha20-poly1305@openssh.com 2022-03-18 13:26:14.056Z [19376] client proposal: encryption algorithm server to client: aes256-gcm@openssh.com,aes128-gcm@openssh.com,camellia256-ctr,aes256-ctr,camellia256-cbc,aes256-cbc,camellia192-ctr,aes192-ctr,camellia192-cbc,aes192-cbc,camellia128-ctr,aes128-ctr,camellia128-cbc,aes128-cbc,3des-ctr,3des-cbc,blowfish-ctr,blowfish-cbc,cast128-ctr,cast128-cbc,chacha20-poly1305@openssh.com 2022-03-18 13:26:14.060Z [19376] client proposal: MAC algorithm client to server: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-ripemd160-etm@openssh.com,hmac-ripemd160@openssh.com,hmac-md5-etm@openssh.com,hmac-md5 2022-03-18 13:26:14.064Z [19376] client proposal: MAC algorithm server to client: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1,hmac-ripemd160-etm@openssh.com,hmac-ripemd160@openssh.com,hmac-md5-etm@openssh.com,hmac-md5 2022-03-18 13:26:14.068Z [19376] client proposal: compression algorithm client to server: none 2022-03-18 13:26:14.073Z [19376] client proposal: compression algorithm server to client: none 2022-03-18 13:26:14.077Z [19376] CRYPT_set_random_data: RAND_bytes call 2022-03-18 13:26:14.081Z [19376] SSH2_MSG_KEXINIT was sent at SSH2_send_kexinit(). 2022-03-18 13:26:14.086Z [19376] SSH2_MSG_KEXINIT was received. 2022-03-18 13:26:14.090Z [19376] server proposal: KEX algorithm: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,kexguess2@matt.ucc.asn.au 2022-03-18 13:26:14.094Z [19376] server proposal: server host key algorithm: rsa-sha2-256,ssh-rsa 2022-03-18 13:26:14.098Z [19376] server proposal: encryption algorithm client to server: chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr 2022-03-18 13:26:14.102Z [19376] server proposal: encryption algorithm server to client: chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr 2022-03-18 13:26:14.106Z [19376] server proposal: MAC algorithm client to server: hmac-sha1,hmac-sha2-256 2022-03-18 13:26:14.110Z [19376] server proposal: MAC algorithm server to client: hmac-sha1,hmac-sha2-256 2022-03-18 13:26:14.115Z [19376] server proposal: compression algorithm client to server: zlib@openssh.com,none 2022-03-18 13:26:14.119Z [19376] server proposal: compression algorithm server to client: zlib@openssh.com,none 2022-03-18 13:26:14.124Z [19376] server proposal: language client to server: 2022-03-18 13:26:14.128Z [19376] server proposal: language server to client: 2022-03-18 13:26:14.132Z [19376] KEX algorithm: ecdh-sha2-nistp256 2022-03-18 13:26:14.137Z [19376] server host key algorithm: ssh-rsa 2022-03-18 13:26:14.141Z [19376] encryption algorithm client to server: aes256-ctr 2022-03-18 13:26:14.145Z [19376] encryption algorithm server to client: aes256-ctr 2022-03-18 13:26:14.149Z [19376] MAC algorithm client to server: hmac-sha2-256 2022-03-18 13:26:14.154Z [19376] MAC algorithm server to client: hmac-sha2-256 2022-03-18 13:26:14.158Z [19376] compression algorithm client to server: none 2022-03-18 13:26:14.162Z [19376] compression algorithm server to client: none 2022-03-18 13:26:14.166Z [19376] CRYPT_set_random_data: RAND_bytes call 2022-03-18 13:26:14.170Z [19376] SSH2_MSG_KEX_ECDH_INIT was sent at SSH2_ecdh_kex_init(). 2022-03-18 13:26:14.189Z [19376] Terminating SSH session...
doda)
well, that went bad fast ... please see pastebin ...
doda This looks like a problem on the Dropbear side. This issue has been fixed in Dropbear 2020.81.
c.f. https://matt.ucc.asn.au/dropbear/CHANGES
- Fix regression in 2020.79 which prevented connecting with some SSH implementations. Increase MAX_PROPOSED_ALGO to 50, and print a log message if the limit is hit. This fixes interoperability with sshj library (used by PyCharm), and GoAnywhere.
Please upgrade Dropbear, or disable unused encryption algorithms on Tera Term.
Maybe this change fix this issue.
If you can not update the server software, you have to reduce enabled encryption algorithms to 20 or less.
thanks. I will try that :)
Tera Term
This seems to be because some newer versions of SSH have disabled old algorithms that are considered less safe.
The only indication I have is on the server side the log indicates:
I am not aware how to enable SSH logging in TeraTerm, but I am willing to try that if provided with instructions
Thank you