I'm working on a project that is using goftp to upload to a server, but (thanks to the kind people here) I will use a more secure method.
I plan to use ssh instead and found this ssh client in golang found here.
I have setup an ssh server (freeSSHd) and can successfully connect through PuTTY both locally and on another machine.
I have only changed this part of the client to replace the variables with my own
var (
server = "127.0.0.1:22"
username = "username"
password = clientPassword("password")
)
When I execute the ssh client, ssh.Dial returns an error, and the panic displays this: "Failed to dial: handshake failed: ssh: no common algorithms"
client, err := ssh.Dial("tcp", "127.0.0.1:22", config)
if err != nil {
panic("Failed to dial: " + err.Error())
}
I am new to golang so I would appreciate any help to point me in the right direction. Thanks in advance.
In the source code for the go.crypto/ssh package, we can see that the supported ciphers are the following:
While freeSSHd supports:
Because the client and server shares no common cipher, you will get the error message. The reason why CBC mode is not supported in the ssh package is most likely because of a vulnerability, as discussed in this golang-nuts thread.
A solution to your problem might be to try install a different SSH server, such as OpenSSH for Windows.
Though it is insecure you can get go's library to use a cypher supported by freeSSH.
sshConfig.Config.Ciphers = append(sshConfig.Config.Ciphers, "aes128-cbc")