KiTTY : Forum Last modification : -
Welcome / Recent changes / News / Forum / Download / Contacts	Edit
Advertising seems to be blocked by your browser. Please notice that advertising helps us to host the project. Without advertising Forum does not work. Forum Home OpenSSH 6.9 Bre3 - Mon 06/07/2015 16:49:18 CEST +0200 Does KiTTY work with the latest version of OpenSSH? I cannot connect via SSH after upgrading to 6.9. PuTTY still works fine, though. Cyd - Mon 06/07/2015 22:28:18 CEST +0200 Try to add [KiTTY] sshversion=PuTTY_Release_0.64 to you %APPDATA%/KiTTY/kitty.ini configuration file. Bre3 - Tue 07/07/2015 00:47:11 CEST +0200 It works. Thanks! Øsse - Thu 09/07/2015 14:35:04 CEST +0200 Hi, This solution also worked for me. In the SSHD logs I see "error: Hm, kex protocol error: type 30 seq 1 [preauth]". This is presumably the same error Bre3 got. Just adding it here in case Google crawls over it. Question: Why does the KiTTY defaults differ from PuTTY in this case? Thanks! Gerhard Wiesinger - Sat 11/07/2015 10:44:32 CEST +0200 Hello, Having issues with Kitty 0.64.0.4: Also getting the message: "error: Hm, kex protocol error: type 30 seq 1 [preauth]" Tried to add "sshversion=PuTTY_Release_0.64" to kitty.ini as suggested: Log file from sshd: fatal: ssh_dispatch_run_fatal: Connection to X.Y.Z.A: no matching key exchange method found [preauth] Kitty dialog: Couldn't agree a key exchange algorithm (available: curve25519-sha256@libssh.org) sshd_config: KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com Found out that it works only with the 2048-Bit limited key size and insecure SHA1 algorithm (diffie-hellman-group14-sha1). KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 Reason is that they removed RFC4419 non compliant DH key exchange. See also: http://winscp.net/forum/viewtopic.php?t=15626 OpenSSH is from Fedora 22: openssh-6.9p1-1.fc22 Any KiTTY 0.65pre available, because PuTTY 0.65pre supports the new RFC4419 compliant key exchange? Thank you. Ciao, Gerhard John W - Sat 11/07/2015 17:50:32 CEST +0200 My Fedora 22 just upgraded openssh from 6.8 to 6.9 which broke KiTTY until I found this post through Google. Thanks for the fix! Gerhard Wiesinger - Sat 11/07/2015 18:02:26 CEST +0200 Hello, But the downgrade is insecure as it uses only 2048 bit RSA. Better to use my patched openssh version 6.9p1 reenabling the old pre RFC DH key exchange including source RPM from here: http://www.wiesinger.com/opensource/openssh/openssh-v6.9p1-kitty-putty-fix/ If you need an (untestet) patch against plain openssh 6.9p1 contact me. Ciao, Gerhard Gerhard Wiesinger - Tue 04/08/2015 19:26:37 CEST +0200 Hello, Updated for latest security patches: http://www.wiesinger.com/opensource/openssh/openssh-v6.9p1-kitty-putty-fix/ Ciao, Gerhard Sam F. - Sun 09/08/2015 10:54:30 CEST +0200 Hello guys, Please have a look at this article, which nicely explains where the problem comes from (and why Putty is not affected) : http://rakhesh.com/linux-bsd/kitty-with-fedora-22-openssh-6-9-gives-a-blank-screen-and-hangs/ I kindly suggest that Kitty aligns with the last RFC recomendations. Thanks, keep up the good work, Sam. Cyd - Sun 09/08/2015 11:31:48 CEST +0200 can you test the last beta and report ? Thanks http://www.9bis.net/kitty/data/beta/kitty.exe Sam F. - Sun 09/08/2015 11:59:49 CEST +0200 Hello Cyd, I've just tried the beta binary that you've just proposed, and it can connect to my server (current stable version can't) =) So this particular issue looks solved now. [Be informed that I just quickly tried to connect to 1 server, I did not perform extensive tests of the Beta version.] Thanks ! sabel - Sun 09/08/2015 15:13:02 CEST +0200 The beta binary works great for all my affected servers. Thanks a lot! :) Gerhard Wiesinger - Sun 09/08/2015 15:52:41 CEST +0200 Hello Cyd, Beta binary works well for me. Please update SVN, too. Can you release V0.65 now? Ciao, Gerhard Frank - Thu 13/08/2015 11:42:15 CEST +0200 Did some regression with beta (old servers) and they still work :-) Will use 0.65.0.0 (beta) for the next couple of days to check its proper functioning. Cyd - Thu 13/08/2015 15:58:18 CEST +0200 Thanks all for your help. Answer The forum is actually closed
	L'adresse initiale de cette page est http://kitty.9bis.com/ Wiki utilisant PumaWiki 1.0, merci aux membres de la PuTTY Team 2026/06/22 10:29 -- en -- 216.73.217.18 --

OpenSSH 6.9

Bre3 - Mon 06/07/2015 16:49:18 CEST +0200

Does KiTTY work with the latest version of OpenSSH? I cannot connect via SSH after upgrading to 6.9. PuTTY still works fine, though.

Cyd - Mon 06/07/2015 22:28:18 CEST +0200

Try to add
[KiTTY]
sshversion=PuTTY_Release_0.64

to you %APPDATA%/KiTTY/kitty.ini configuration file.

Bre3 - Tue 07/07/2015 00:47:11 CEST +0200

It works. Thanks!

Øsse - Thu 09/07/2015 14:35:04 CEST +0200

Hi,

This solution also worked for me. In the SSHD logs I see "error: Hm, kex protocol error: type 30 seq 1 [preauth]". This is presumably the same error Bre3 got. Just adding it here in case Google crawls over it.

Question: Why does the KiTTY defaults differ from PuTTY in this case?

Thanks!

Gerhard Wiesinger - Sat 11/07/2015 10:44:32 CEST +0200

Hello,

Having issues with Kitty 0.64.0.4:
Also getting the message: "error: Hm, kex protocol error: type 30 seq 1 [preauth]"

Tried to add "sshversion=PuTTY_Release_0.64" to kitty.ini as suggested:
Log file from sshd:
fatal: ssh_dispatch_run_fatal: Connection to X.Y.Z.A: no matching key exchange method found [preauth]

Kitty dialog:
Couldn't agree a key exchange algorithm (available: curve25519-sha256@libssh.org)

sshd_config:
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com

Found out that it works only with the 2048-Bit limited key size and insecure SHA1 algorithm (diffie-hellman-group14-sha1).
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

Reason is that they removed RFC4419 non compliant DH key exchange.

See also:
http://winscp.net/forum/viewtopic.php?t=15626

OpenSSH is from Fedora 22: openssh-6.9p1-1.fc22

Any KiTTY 0.65pre available, because PuTTY 0.65pre supports the new RFC4419 compliant key exchange?

Thank you.

Ciao,
Gerhard

John W - Sat 11/07/2015 17:50:32 CEST +0200

My Fedora 22 just upgraded openssh from 6.8 to 6.9 which broke KiTTY until I found this post through Google. Thanks for the fix!

Gerhard Wiesinger - Sat 11/07/2015 18:02:26 CEST +0200

Hello,

But the downgrade is insecure as it uses only 2048 bit RSA. Better to use my patched openssh version 6.9p1 reenabling the old pre RFC DH key exchange including source RPM from here:
http://www.wiesinger.com/opensource/openssh/openssh-v6.9p1-kitty-putty-fix/

If you need an (untestet) patch against plain openssh 6.9p1 contact me.

Ciao,
Gerhard

Gerhard Wiesinger - Tue 04/08/2015 19:26:37 CEST +0200

Hello,

Updated for latest security patches:
http://www.wiesinger.com/opensource/openssh/openssh-v6.9p1-kitty-putty-fix/

Ciao,
Gerhard

Sam F. - Sun 09/08/2015 10:54:30 CEST +0200

Hello guys,

Please have a look at this article, which nicely explains where the problem comes from (and why Putty is not affected) :
http://rakhesh.com/linux-bsd/kitty-with-fedora-22-openssh-6-9-gives-a-blank-screen-and-hangs/

I kindly suggest that Kitty aligns with the last RFC recomendations.

Thanks, keep up the good work,

Sam.

Cyd - Sun 09/08/2015 11:31:48 CEST +0200

can you test the last beta and report ?
Thanks

http://www.9bis.net/kitty/data/beta/kitty.exe

Sam F. - Sun 09/08/2015 11:59:49 CEST +0200

Hello Cyd,

I've just tried the beta binary that you've just proposed, and it can connect to my server (current stable version can't) =) So this particular issue looks solved now.

[Be informed that I just quickly tried to connect to 1 server, I did not perform extensive tests of the Beta version.]

Thanks !

sabel - Sun 09/08/2015 15:13:02 CEST +0200

The beta binary works great for all my affected servers.
Thanks a lot! :)

Gerhard Wiesinger - Sun 09/08/2015 15:52:41 CEST +0200

Hello Cyd,

Beta binary works well for me.

Please update SVN, too.

Can you release V0.65 now?

Ciao,
Gerhard

Frank - Thu 13/08/2015 11:42:15 CEST +0200

Did some regression with beta (old servers) and they still work :-)

Will use 0.65.0.0 (beta) for the next couple of days to check its proper functioning.

Cyd - Thu 13/08/2015 15:58:18 CEST +0200

Thanks all for your help.

Answer

The forum is actually closed

KiTTY : Forum