PAM: "Couldn't agree on kex algorithm..." when trying to access some devices using the PAM SSH Applet.

book

Article ID: 142954

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

I am getting the following message when trying to SSH some of our devices from within PAM SSH applet.

Couldn't agree on kex algorithm (our: 'ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256', peer: 'diffie-hellman-group1-sha1')

 

Cause

Starting in PAM version 3.3, the SSH Applet does no longer support SHA-1 algorithms due to their vulnerabilities.
So, now the SSH connection to devices just offering SHA-1 algorithms, fail with the above error.

 

Environment

Component : PRIVILEGED ACCESS MANAGEMENT

Release : 3.3 and above.

 

Resolution

We can see that for SSH and for the CISCO and UNIX connectors, we support hashes = hmac-sha2-512, hmac-sha2-256.
However, the existing SHA-1 Algorithms are only supported for the CISCO and UNIX target connectors.
This means that the target connectors, which are the ones in charge of the password change and verification, work. SSH does no longer support SHA-1 algorithms due to their vulnerabilities, so it fails to connect if the target computer just offers SHA-1 algorithms.
In the error message, the algorithms shown after the word 'our' are the ones known to the PAM server and the ones shown after the word 'peer' are the ones known to the target device. As it can be seen, they do not match.

Therefore, the target device should be configured to use secured algorithms to be SSHed from PAM 3.3.
Typically, in a linux/unix system, to do so, please modify the /etc/ssh/sshd_config file in the following manner:

* Search a line with a leading "MACs" word.
* If it exists, verify that:

- It is not commented out.
- It contains the following cyphers: hmac-sha2-256,hmac-sha2-512
- If these ciphers are not present add them to the line.

* If the entire line does not exist, add the following line to the file:

MACs hmac-sha2-256,hmac-sha2-512,hmac-sha1

You can check with the affected devices administrator how to add hmac-sha2-256 and hmac-sha2-512 algorithms to these devices.

 

Additional Information

See also the following page of PAM 3.3 documentation:

New Cryptographic Algorithms for SSH Communication