I'm running Kali Linux with ssh -V of OpenSSH_7.7p1 Debian-3, OpenSSL 1.0.2o 27 Mar 2018. I tried to SSH to a server (a hacking challenge) and got the response Unable to negotiate with ********* port 22: no matching cipher found. Their offer: 3des-cbc,blowfish-cbc,cast128-cbc,idea-cbc.
I've tried editing my /etc/ssh/ssh_config file to add one of those four to my Ciphers listing, but the I got the message /etc/ssh/ssh_config line 38: Bad SSH2 cipher spec 'aes128-cbc,blowfish-cbc'.
I've also tried specifying a Cipher with -c, eg ssh ********* -c blowfish-cbc, but then I get Unknown cipher type 'blowfish-cbc'.
Interestingly, when I tried -c with 3des-cbc, I actually got a different response:
ssh ********* -c 3des-cbc
Received disconnect from ********* port 22:2: Handshake failed
Disconnected from ********* port 22
Am I correct in thinking that my late version of SSH doesn't allow using those ciphers? And how would I get around that?
Update: I've been asked to clarify how this isn't a duplicate of this question. The solution given there was to update the server's config, which is obviously not an option available to me here. Also, there, the -c option was working, and the only question was why it was neccesary, whereas here it doesn't appear to be.
However, I did learn from there the ssh -Q cipher command, which does in fact respond that my ssh client supports 3des-cbc, though not the other 3. This might imply that in fact -c 3des-cbc is the right approach, and I just need to debug it further to discover why the handshake fails. So maybe it does contain my answer, albeit very indirectly.
