344517 2015-02-24 09:28:07 +0000 kio sftp only supports hmac-sha1 2015-05-11 09:32:36 +0000 1 1 10 Unmaintained kio sftp unspecified Arch Linux Linux RESOLVED UPSTREAM NOR normal --- 0 accounts+bugs.kde asn kdelibs-bugs-null web.yannick 0 oldest_to_newest 1501862 0 accounts+bugs.kde 2015-02-24 09:28:07 +0000 I just configured my ssh server to not use SHA1 anymore, and now I can't access it via sftp:// with dolphin. Happens with kio-5.7.0. Reproducible: Always Steps to Reproduce: 1. configure your ssh server according to https://stribika.github.io/2015/01/04/secure-secure-shell.html 2. especially, remove hmac-sha1 in /etc/ssh/sshd_config and set MACs to: MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com 3. access your server through dolphin by entering sftp://<username>@<server> in the address bar Actual Results: kex error : no match for method mac algo client->server: server [hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-ripemd160-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-128@openssh.com], client [hmac-sha1] Expected Results: support of more secure MACs than hmac-sha1 1513310 1 web.yannick 2015-04-25 06:19:47 +0000 I have the same problem using kubuntu 15.04 with kio-5.9.0. It's really tricky because with hmac-sha1 support only, it's not possible to get a highly secure connection. 1513976 2 asn 2015-04-27 11:33:49 +0000 We will support other HMACs with libssh 0.7 which will be released next month. See https://git.libssh.org/projects/libssh.git/commit/?id=4a089026647073be32ddb0885c12f47496bc709b 1514083 3 accounts+bugs.kde 2015-04-27 16:41:33 +0000 Happy to hear that, thanks. :) 1514427 4 web.yannick 2015-04-28 17:30:29 +0000 I'm happy to hear that to, thanks 1517806 5 asn 2015-05-11 09:32:36 +0000 See https://www.libssh.org/2015/05/11/libssh-0-7-0/