SSH doesn't work with non-weak ciphers

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Low
    • None
    • Affects Version/s: 2.0.4
    • Component/s: None
    • None
    • Severity 3 - Minor

      If you set your SSH config to only work with non-weak ciphers (see https://stribika.github.io/2015/01/04/secure-secure-shell.html), SourceTree is no longer able to work with remotes.

      For example, adding this line in your SSH config:

          Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr

      Will result in the following error when trying to clone from remote:

      Cloning from git@bitbucket.com:user/repo
/etc/ssh_config line 35: Bad SSH2 cipher spec 'chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr'.
fatal: Could not read from remote repository.

      The problem persists for non-weak values for other security attributes:

      HostKeyAlgorithms ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-ed25519,ssh-rsa
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256

            Assignee:
            Unassigned
            Reporter:
            Abdulrazaq Mohammed Ali Omar (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: