New PPM SSH2 client, OpenSSH 6.7 (and later) and PPM 9.30

  • Document ID:KM01415896
  • Creation Date:24-Feb-2015
  • Modified Date:24-Feb-2015
    • Micro Focus Products:
      project and portfolio management

Summary

OpenSSH 6.7 does not work by default with new PPM SSH2 client

Question

OpenSSH 6.7 does not work by default with PPM SSH2 client, even with the new SSH2 client introduced in PPM 9.22.0001 and 9.30.

The reason is that PPM doesn't support the Key Exchange protocols that OpenSSH includes by default in its latest version (it removed some protocols that were not deemed secured enough).

Answer

This issue is fixed in PPM in 9.31, but the workaround for PPM 9.22.0001 and 9.30 is to add the Key Exchange protocols supported by PPM in your OpenSSH configuration if you are using 6.7.

You can do so by adding the following line in sshd_config:

KexAlgorithms ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-ni​stp521,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,diffie-hellm​an-group14-sha1

Everything is explained on this link from the SSH2 library that PPM uses in the new SSH2 client: http://sourceforge.net/p/jsch/bugs/79/