Hi Darren, Thanks for the right syntax, sshd is now coming up but the initial problem persists. Same picture in the packet capture. Problem: OpenBSD SSH server isn't responding to the 'Diffie-Hellman Group Exchange Request' with 'Diffie-Hellman Group Exchange Group'. Server is sending a FIN ACK instead. I added the following line to sshd_config to allow weak key exchange algorithms: KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 Dennis Sent: Saturday, June 18, 2016 at 3:19 AM From: "Darren Tucker" <dtuc...@zip.com.au> To: "Dennis Matthiesen" <dennis.matthie...@gmx.com> Cc: "Todd C. Miller" <todd.mil...@courtesan.com>, "OpenBSD Misc List" <misc@openbsd.org> Subject: Re: sshfs key exchange failsOn Sat, Jun 18, 2016 at 6:08 AM, Dennis Matthiesen <dennis.matthie...@gmx.com> wrote: > Thanks Todd, Did a fresh install. Added the following line to sshd_config > but then sshd won't come up: KexAlgorithms +diffie-hellman-group1-sha1, > +diffie-hellman-group-exchange-sha1
The first "+" means "append this to the list of accepted algorithms". The second "+" doesn't mean anything so sshd is trying to parse that as an algorithm name and failing (this should be obvious from the log message). Try: KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
