PS C:\Users\Matteo> scp -P 1046 -o KexAlgorithms=diffie-hellman-group1-sha1 -O root@192.168.172.1:/tmp/important-data.txt ./
Unable to negotiate with 192.168.172.1 port 1046: no matching host key type found. Their offer: ssh-rsa
Yes I confirm. I have v1
I forgot about host key too.
You'll need to use the option to allow the host key algorithm too.
unprivileged@debian-dell-3379:~$ ssh -o HostKeyAlgorithms=
ecdsa-sha2-nistp256 ecdsa-sha2-nistp521 sk-ssh-ed25519-cert-v01@openssh.com ssh-ed25519
ecdsa-sha2-nistp256-cert-v01@openssh.com ecdsa-sha2-nistp521-cert-v01@openssh.com sk-ssh-ed25519@openssh.com ssh-ed25519-cert-v01@openssh.com
ecdsa-sha2-nistp384 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com ssh-dss ssh-rsa
ecdsa-sha2-nistp384-cert-v01@openssh.com sk-ecdsa-sha2-nistp256@openssh.com ssh-dss-cert-v01@openssh.com ssh-rsa-cert-v01@openssh.com
unprivileged@debian-dell-3379:~$ ssh -o HostKeyAlgorithms=
Sorry but I don't understand in the terminal I'm typing " ssh -o HostKeyAlgorithms= " and then I click tab but this comes out.
┌──(matteo㉿192)-[~]
└─$ ssh -o Ciphers=
.bash_history .config/ Downloads/ .java/ .profile .vnc/
.bash_logout .dbus/ .face .local/ Public/ .Xauthority
.bashrc de/ .face.icon .mozilla/ .sudo_as_admin_successful .zshrc
.bashrc.original Desktop/ .gnupg/ Music/ Templates/
.cache/ Documents/ .ICEauthority Pictures/ Videos/
┌──(matteo㉿192)-[~]
└─$ ssh -o HostKeyAlgorithms=
.bash_history .config/ Downloads/ .java/ .profile .vnc/
.bash_logout .dbus/ .face .local/ Public/ .Xauthority
.bashrc de/ .face.icon .mozilla/ .sudo_as_admin_successful .zshrc
.bashrc.original Desktop/ .gnupg/ Music/ Templates/
.cache/ Documents/ .ICEauthority Pictures/ Videos/
Ah no worries.
Anyway you should be able to copy the ones that the source device is telling you anyway. Was just trying to help you select / speak more generally.
OK so you need at least two options. (And you may need to change your cipher next?)
scp -O -o HostKeyAlgorithms=ssh-rsa -o KexAlgorithms=diffie-hellman-group1-sha1 -P 1046 root@192.168.172.1:/tmp/important-data.txt ./
┌──(root㉿192)-[/home/matteo]
└─# scp -O -o HostKeyAlgorithms=ssh-rsa -o KexAlgorithms=diffie-hellman-group1-sha1 -P 1046 root@192.168.172.1:/tmp/mmcblk0boot0.bak ./
root@192.168.172.1's password:
┌──(root㉿192)-[/home/matteo]
└─# md5sum mmcblk0boot0.bak
md5sum: mmcblk0boot0.bak: No such file or directory
Did it actually transfer the file? Is the file on the other end? Yeah usually I get output that indicates a transfer took place?
the file was not transferred.
Did I do something wrong here?
scp -O -o HostKeyAlgorithms=ssh-rsa -o KexAlgorithms=diffie-hellman-group1-sha1 -P 1046 root@192.168.172.1:/tmp/important-data.txt ./
The authenticity of host '[192.168.172.1]:1046 ([192.168.172.1]:1046)' can't be established.
RSA key fingerprint is SHA256:E9+7smXXx725NlZQ2Rv+rFZNYV7pYpmoRBIOzwKBIIc.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[192.168.172.1]:1046' (RSA) to the list of known hosts.
root@192.168.172.1's password:
I don't have anything other than whether you're entering the password correctly :S But you need to make sure you have the source file name correct. I was using /tmp/important-data.txt
as that was the example in the wiki. You'll need to change the file name?
scp -O -o HostKeyAlgorithms=ssh-rsa -o KexAlgorithms=diffie-hellman-group1-sha1 -P 1046 root@192.168.172.1:/tmp/mmcblk0boot0.bak ./
the password is correct if you try to enter a wrong one by error.
┌──(root㉿192)-[~]
└─# scp -O -o HostKeyAlgorithms=ssh-rsa -o KexAlgorithms=diffie-hellman-group1-sha1 -P 1046 root@192.168.172.1:/tmp/mmcblk0boot0.bak ./
root@192.168.172.1's password:
Permission denied, please try again.
root@192.168.172.1's password:
┌──(root㉿192)-[~]
└─#
I can't find the saved file anywhere. Am I looking for it badly?
edit:
PS C:\Users\Matteo> scp -O -o HostKeyAlgorithms=ssh-rsa -o KexAlgorithms=diffie-hellman-group1-sha1 -P 1046 root@192.168.172.1:/tmp/mtd0ro.bak C:\Users\Matteo\Desktop\prova ./
root@192.168.172.1's password:
0 File copiati
PS C:\Users\Matteo>
I'm going to have to go get a windows machine.....
But I don'tthink you want the space after your path there and then a ./
I'd try C:\Users\Matteo\Desktop\prova\
All else fails try to download winscp and use that as it's a GUI?
I can also try with a PC where I have Linux Kali
if you've got a linux computer with an sftp/scp server IMO you should try using SCP on the er7212pc side?
I think the issue will be cipher/host key/kex algorithm minimums on that computer side but I think that's worth a try.
Otherwise we can investigate using the http server, ftp, tftp etc?
You have curl
which probably gives us a bunch of options.
Yes, I also tried on Linux, it doesn't work unfortunately.
Ok we can try, you tell me
edit:
root@ER7212PC:~# scp /tmp/mmcblk0boot0.bak matteo@192.168.172.22:C:\Users\Matteo\Desktop\prova\
/usr/bin/dbclient: Connection to matteo@192.168.172.22:22 exited: No matching algo kex
lost connection
root@ER7212PC:~#
if I want to send the file from the router to the opc via scp how should I write?
What I meant was we initiate the transfer on the er7212pc rather than the kali linux side?
you have scp on the er7212 as well?
Referring back to this:
https://openwrt.org/docs/guide-developer/adding_new_device#getting_collected_data_from_a_device
There are options listed on setting up an ftp/ tftp/http server etc and then you can try curl or other builtins.
OK so same procedure as before except your linux laptop is going to be the destination.
Only other thing I can think of is turn off scp legacy mode (i.e. with the -O) on your laptop when trying to initiate the transfer from your linux machine.
Here's an example on my router. obviously without the extra ssh configuration we may need. (but because router is fixed, it may require configuring the ssh server for legacy ciphers etc on your laptop?)
root@OpenWrt-RT3200:/tmp# dd if=/dev/mtd0ro of=/tmp/mtd0.bak
1024+0 records in
1024+0 records out
root@OpenWrt-RT3200:/tmp# scp ./mtd0.bak unprivileged@172.17.0.216:/home/unprivileged/
unprivileged@172.17.0.216's password:
mtd0.bak 100% 512KB 512.0KB/s 00:00
root@OpenWrt-RT3200:/tmp#
root@ER7212PC:~# scp ./mtd0.bak Matteo@192.168.172.37:C:\Users\Matteo\Desktop\prova
/usr/bin/dbclient: Connection to Matteo@192.168.172.37:22 exited: No matching algo kex
lost connection
root@ER7212PC:~#```
suggestions?
If you're uncomfortable with below, we should try FTP or tftp and set up an ftp or tftp server using the other instructions.
But here's what's required to get scp to work:
You need to configure the kex algorithm on your ssh server to one that the scp client can do?
I would suggest set up a differentt server and/or ensure you revert the config when you're done as you're lowering the security of your ssh server by doing this....
As an FYI We've moved to PM's and trying to use CURL and FTP now. But if someone closer to UTC+1 wants to assist it would be appreciated hahahaha.