Nasty SSH behaviour on LTS server upgrade

Nikhil Nair nnair at pobox.com
Fri Aug 12 20:27:15 UTC 2016


Hi,

I've just done the latest LTS upgrade from 14.04.5 LTS (I think it was) to
16.04.1 LTS, using `sudo do-release-upgrade'.

I've been SSH'ing in from a Windows machine, using an old version of
SecureCRT, a commercial SSH client.  I've hda no trouble connecting to
14.04.* LTS Ubuntu servers, but as soon as the upgrade to 16.04.1 LTS was
completed and the machine was rebooted, the SSH client could no longer
connect.  The message was as follows:

SecureCRT
No compatible key exchange method. The server supports these methods: 
curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-ex
change-sha256,diffie-hellman-group14-sha1
No compatible Cipher. The server supports these ciphers: 
chacha20-poly1305 at openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com,aes256-gcm at open
ssh.com

I've verified, however, that I'm able to connect to the 16.04.1 LTS system
*from* another not-yet-upgraded Ubuntu system (i.e. still running 14.04.5
LTS).

While I'm no expert on SSH servers, I'm guessing some compatibility options
were disabled during the upgrade.  Is that right?  I'd have thought a
custom sshd.conf (which I definitely had) should have been left alone, and
that no functionality would be rmeoved from the ssh daemon, without a lot
of very careful consideration, at least...

This behaviour wasn't deliberate, was it?

Anyway, I'd appreciate any clues as to how to restore the sshd
functionality I had before the upgrade.

Thanks, and best regards,

Nikhil.




More information about the ubuntu-users mailing list