Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CHEF-8598: Add support for curve25519 key exchange #6989

Merged
merged 1 commit into from
Apr 16, 2024
Merged

CHEF-8598: Add support for curve25519 key exchange #6989

merged 1 commit into from
Apr 16, 2024

Conversation

ahasunos
Copy link
Contributor

Description

Fixes #6660

This pull request introduces support for the curve25519 key exchange to address an error associated with key exchange algorithm negotiation.

Here is the issue encountered when attempting to SSH into a machine (an Ubuntu EC2 instance in my case) which is configured to exclusively support curve25519 for key exchange.

Transport error, can't connect to 'ssh' backend: SSH command failed (could not settle on kex algorithm
Server kex preferences: [email protected],[email protected]
Client kex preferences: ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1)

Related Issue

CHEF-8598: Cannot SSH to modern ed25519-only linux hosts with InSpec 5

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New content (non-breaking change)
  • Breaking change (a content change which would break existing functionality or processes)

Checklist:

  • I have read the CONTRIBUTING document.

@ahasunos ahasunos requested a review from a team as a code owner March 22, 2024 07:21
@netlify Netlify
Copy link

netlify bot commented Mar 22, 2024
edited

Deploy Preview for chef-inspec canceled.

Name Link
🔨 Latest commit b005fcf
🔍 Latest deploy log https://app.netlify.com/sites/chef-inspec/deploys/66051b31cbeee30008a6bdb3

@ahasunos ahasunos mentioned this pull request Mar 22, 2024
Merged
4 tasks
@ahasunos ahasunos force-pushed the ss/fix-kex-algo-settlement branch 2 times, most recently from 5c6890d to 9db0415 Compare March 22, 2024 07:29
Vasu1105
Vasu1105 approved these changes Mar 27, 2024
View reviewed changes
Copy link
Contributor

@Vasu1105 Vasu1105 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM :). Thanks @ahasunos

@Vasu1105 Vasu1105 merged commit e149716 into main Apr 16, 2024
11 of 12 checks passed
@Vasu1105 Vasu1105 deleted the ss/fix-kex-algo-settlement branch April 16, 2024 09:51
Vasu1105 added a commit that referenced this pull request Apr 22, 2024
@Vasu1105
Revert "fix: add support for curve25519 key exchange (#6989)"
2c027a1 
This reverts commit e149716.
Vasu1105 added a commit that referenced this pull request Apr 24, 2024
@Vasu1105
Revert "fix: add support for curve25519 key exchange (#6989)" (#7026)
809c4d9 
This reverts commit e149716.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vasu1105 Vasu1105 Vasu1105 approved these changes

@sathish-progress sathish-progress Awaiting requested review from sathish-progress sathish-progress is a code owner automatically assigned from inspec/inspec-core-team

Assignees

@ahasunos ahasunos

Labels
inspec-6
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Inspec SSH fails to connect to server with KEX error
2 participants
@ahasunos @Vasu1105