|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #68555 support for SSH2 ciphers dropped in newer OpenSSH
Submitted: 2014-12-05 21:24 UTC Modified: 2014-12-06 05:32 UTC
From: alex at sirensclef dot com Assigned: pollita (profile)
Status: Closed Package: ssh2 (PECL)
PHP Version: Irrelevant OS: CentOS
Private report: No CVE-ID: None
 [2014-12-05 21:24 UTC] alex at sirensclef dot com
Someone pointed me to a post here: which notes that support for several ciphers were dropped in openssh-6.7p1-1. Unfortunately this list includes the very ones that SSH2 claims to support here:

It appears that upgrading server A to this version of openssh causes the ssh2 extension on server B to lose access. I tried specifying one of the new ciphers in my ssh2_connect() on server B but it didn't work.

Presumably you can add back support for one of the older ciphers to server A (after accepting the security risk). But when you're dealing with a lot of remote servers, including ones you have no control over, this could be a major headache.

Can the SSH2 extension be updated to add support for the newer ciphers instead, perhaps?


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2014-12-06 05:32 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: pollita
 [2014-12-06 05:32 UTC]
This bug should be filed with the libssh2 library, not the PHP extension which wraps libssh2.

The extension can only support those ciphers supported by the library.
 [2014-12-06 13:42 UTC] alex at sirensclef dot com
Maybe the docs should be updated then? They list a fixed set of supported ciphers, rather than noting that the extension inherits the supported libssh2 ciphers which is why I directed this here.
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sun Oct 01 12:01:23 2023 UTC