pkd_hello fails on ubuntu 18.04 because rsa-sha2-256-cert-v01@openssh.com and rsa-sha2-512-cert-v01@openssh.com are not supported on the OpenSSH version it's running (OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017)
The following patch works for me but it's obviously not good for merging:
commit 9f5e0bb7d4432705f069c22f2b049ca3cfa35805 (HEAD -> master) Author: Aris Adamantiadis <aris@0xbadc0de.be> Date: Fri Sep 13 17:04:49 2019 +0200 WIP: ciphers not recognized by ssh diff --git a/tests/pkd/pkd_client.h b/tests/pkd/pkd_client.h index 474ca174..d6e85e29 100644 --- a/tests/pkd/pkd_client.h +++ b/tests/pkd/pkd_client.h @@ -16,7 +16,7 @@ #define OPENSSH_KEYGEN "ssh-keygen" #define OPENSSH_HOSTKEY_ALGOS_DEFAULT "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa" -#define OPENSSH_PKACCEPTED_DEFAULT "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com" +#define OPENSSH_PKACCEPTED_DEFAULT "ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-rsa-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com" #if HAVE_ECC #define OPENSSH_HOSTKEY_ALGOS_ECDSA ",ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"
The right solution would be to run ssh -Q from cmake and prepare a list of ciphers that are available. This should be useful because OpenSSH will continue to deprecate ciphers in the future and the list of exception will continue to grow.