2

Connecting to a server which I have no direct control. Been working for 3 years with no issue. Today receive an error.

The code is simply

$connection = ssh2_connect('data.example.com', 22);

Result on the $connection line (even before trying to authenticate) is

PHP Warning:  ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys

I read through previous cases which seem to suggest its about updating libssh. I checked and there are no available updates. All is current based on recommended updates (I believe). PHP Version is 7.0.33 so maybe not so current, but would that impact anything? The client is a AWS Linux instance.

I can connect directly to this server via WinSCP. So either they changed some security protocol or there is something deficient on my client server?

EDIT: I can also connect directly from the client's shell.

Any ideas?

user2029890
  • 2,493
  • 6
  • 34
  • 65
  • 1
    If the remote side updated their server it may have deprecated protocols and/or ciphers that your side is capable of. Just because there are no _available_ updates doesn't mean that you're up to date either. If your OS version is out of software support the repo may still be up, but that doesn't necessarily mean that they are publishing anything but basic security fixes, if that. **TLDR:** Make sure your OS distro version is current and supported, _then_ check for OpenSSL and libssh updates. – Sammitch Nov 29 '22 at 01:37
  • Conversely, if your server updated [it may be set to self-update] it could have caused a disagreement in protocols and ciphers if the _remote_ side is sufficiently out of date. Though you can usually tweak the config to re-enable recently-deprecated protos/ciphers. – Sammitch Nov 29 '22 at 01:39
  • @Sammitch Its unlikely an update on my server because I only updated all packages for first time in a few weeks AFTER the error to see that was a resolution. I'm assuming its something they did – user2029890 Nov 29 '22 at 03:04

0 Answers0