When I try to add an SSH sensor to a system of us I get the following message

"The negotiation of encryption algorithm is failed" My PRTG version 17.3.33.2830. Which supported algorithm this version ?

Article Comments

Hello byapici,

Please check your ssh connection log on your target ssh server for errors. SSH is very verbose in those topics and will tell you where it fails.

If we have this additional information we could analyze this further.

best regards
Eugen


Oct, 2017 - Permalink

Hello,

error log is:

fatal: no matching cipher found: client blowfish-cbc,cast128-cbc,aes128-cbc,3des-cbc server aes256-ctr,aes192-ctr,aes128-ctr

matching algorithm is;

Ciphers aes256-ctr,aes192-ctr,aes128-ctr

is SSH need all algorithm matching ?


Oct, 2017 - Permalink

Hello Byapici,

In order to get this working, you'll need to add at least one cipher from the client list to the server you want to monitor. Mostly the configuration file can be found at "/etc/ssh/sshd_config".
Please check your *ux derivate documentation how to add ciphers correctly and restart those depending services.

Afterwards you should be able to monitor your server via PRTG.

best regards
Eugen


Oct, 2017 - Permalink

Hello Eugen

what is need ssh algorithm for SSH sensors. Can you send me list?


Oct, 2017 - Permalink

Hello Byapici,

You can find the client ciphers in the error message from sshd.

"fatal: no matching cipher found: client blowfish-cbc,cast128-cbc,aes128-cbc,3des-cbc server aes256-ctr,aes192-ctr,aes128-ctr"

best regards,
Eugen


Oct, 2017 - Permalink

Hello, For security reasons I only have algorithms that I have sent before. Is there a different method for adding sensors?


Oct, 2017 - Permalink

Hello Byapici,

Unfortunaly we don't offer support for those other algorithm's yet.

best regards,
Eugen


Oct, 2017 - Permalink

Hello,

Do you have any update for ssh sensors or algorithm? Old Algrorithm is not secure and we closed some algorithm. I need more help for add ssh sensors. I mustn't open all algorithms

Best regards,


Nov, 2017 - Permalink

Hello Byapici,

Currently there isn't such change planned.

best regards,
Eugen


Nov, 2017 - Permalink

For those who are interested, please refer to the article Which encryption algorithms does PRTG SSH sensors suppor" which shows an overview over the currently supported encryption algorithms.

Best regards,
Sven


Jan, 2018 - Permalink