I'm getting this error trying with `ssh -T git@bitbucket.com`. The machine in which I'm getting such errors has a configured ssh key (it was working until last week and I didn't change anything, nor inside the machine nor in the repository settings).
Full errror:
bash-4.1$ ssh -T git@bitbucket.org no matching cipher found: client aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,arcfour256,arcfour128
Machine is a Centos 6.8
Edit: just tried to add the same key on github, it's working
Community moderators have prevented the ability to post new answers.
Hi Massimiliano,
We recently made some updates to our SSH server to improve perfomance, reliability, and security for our customers. Part of these updates involved dropping support for a few older and less secure ciphers.
When your SSH client attempts to open a connection, the server and client exchange lists of ciphers that they support for encrypting the SSH session. The first cipher that the client and server have in common is used to encrypt the connection. If there are no ciphers in common between the client and the server, you'll see the "no matching cipher found" message that you are receiving.
The easiest way to resolve the issue is to update the version of OpenSSH that you're using to a newer version that supports one of the following ciphers:
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm
@openssh
.com
arcfour256
arcfour128
If you continue to have issues after updating OpenSSH to a version that includes one of the supported ciphers, please contact our support team via https://support.atlassian.com and they'll get things figured out for you.
Mark
CBC ciphers are insecure and should be disabled: https://www.kb.cert.org/vuls/id/958563
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The issue is that CentOS 6.7 has an old version of SSH, and even trying to force the CTR cyphers is a fail. I tried to find a package for that system with a newer SSH version, but I couldn't.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.