error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256] #15

Closed
moh-slimani opened this issue Mar 22, 2020 · 26 comments

@moh-slimani

I'm getting this error

error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256]

complete log

Run appleboy/scp-action@master
/usr/bin/docker run --name e87b527fba6baf54c84d1986dd256d118c9a77_72534a --label e87b52 --workdir /github/workspace --rm -e INPUT_HOST -e INPUT_USERNAME -e INPUT_PASSWORD -e INPUT_PORT -e INPUT_SOURCE -e INPUT_TARGET -e INPUT_TIMEOUT -e INPUT_COMMAND_TIMEOUT -e INPUT_KEY -e INPUT_KEY_PATH -e INPUT_PASSPHRASE -e INPUT_RM -e INPUT_STRIP_COMPONENTS -e INPUT_OVERWRITE -e INPUT_TAR_TMP_PATH -e INPUT_PROXY_HOST -e INPUT_PROXY_PORT -e INPUT_PROXY_USERNAME -e INPUT_PROXY_PASSWORD -e INPUT_PROXY_PASSPHRASE -e INPUT_PROXY_TIMEOUT -e INPUT_PROXY_KEY -e INPUT_PROXY_KEY_PATH -e HOME -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/b-hero/b-hero":"/github/workspace" e87b52:7fba6baf54c84d1986dd256d118c9a77
tar all files into /tmp/743109829/wrZAXlscBR.tar
scp file to server.
2020/03/22 17:47:08 error copy file to dest: ***, error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256]
drone-scp error:  error copy file to dest: ***, error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256]

@appleboy
Owner

please post your config.

@moh-slimani
Author

please post your config.

name: CI
on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]


jobs:
  build:
    name: Production
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      - uses: borales/[email protected]
        with:
          cmd: install # will run `yarn install` command
      - uses: borales/[email protected]
        with:
          cmd: build # will run `yarn build` command
      #- uses: borales/[email protected]
      #  with:
      #   cmd: test # will run `yarn test` command
      - name: copy file via ssh password
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.SERVER }}
          username: ${{ secrets.USERNAME }}
          password: ${{ secrets.PASSWORD }}
          port: 22
          source: "dist/*"
          target: ${{ secrets.PATH }}

@clairmont32

clairmont32 commented May 2, 2020

@appleboy I am having the same issue despite giving the secret the private key. I copy/pasted your section of the config from the marketplace docs and created /opt/app on my Digital Ocean droplet to mirror what the defaults were for the action. Here's the Actions output and config:

image

name: Build and deploy
on:
  push:
    branches: [ master ]
  pull_request:
    branches: [ master ]

jobs:
  build:    
    name: Build
    runs-on: ubuntu-latest
    steps:

    - name: Set up Go 1.x
      uses: actions/setup-go@v2
      with:
        go-version: ^1.13
      id: go

    - name: Check out code into the Go module directory
      uses: actions/checkout@v2

    - name: Get dependencies
      run: |
        go get -v -t -d ./...
        if [ -f Gopkg.toml ]; then
            curl https://raw.githubusercontent.com/golang/dep/master/install.sh | sh
            dep ensure
        fi

    - name: Build
      id: build-project
      run: go build -v .

    - name: Deploy to DO
      if: success()
      uses: appleboy/scp-action@master
      env:
        HOST: ${{ secrets.HOST }}
        USERNAME: ${{ secrets.USERNAME }}
        PORT: ${{ secrets.PORT }}
        KEY: ${{ secrets.SSHKEY }}
      with:
        source: "."
        target: "/opt/app"
          
    - name: Post deploy fail commands for debugging
      if: failure()
      run: |
        ls
        curl checkip.dyndns.com

@appleboy
Owner

appleboy commented May 3, 2020

@clairmont32 Please don't use the env setting. See the reference: https://github.com/appleboy/scp-action#input-variables

        with:
          host: ${{ secrets.SERVER }}
          username: ${{ secrets.USERNAME }}
          key: ${{ secrets.SSHKEY }}
          port: ${{ secrets.PORT }}

@clairmont32

Hi @appleboy, that didn't yield a different result. If it's supposed to be with instead of env the marketplace docs will need to be updated. I think this may be a local server config but I'm able to SSH into it with only cert auth from 2 other machines so I'm unsure as to why the action is failing. I'm going to try a manual SCP command when I get a chance to see if I can get it to work that way.

@appleboy
Owner

appleboy commented May 4, 2020

@clairmont32 I updated the docs.

@appleboy
Owner

appleboy commented May 4, 2020

I will release a new version for this feature. ref: appleboy/ssh-action#36

@appleboy appleboy self-assigned this May 4, 2020
@appleboy appleboy added the enhancement New feature or request label May 4, 2020
@appleboy
Owner

appleboy commented May 4, 2020

@appleboy appleboy closed this as completed May 4, 2020
@amoravec

amoravec commented May 4, 2020

I'm still seeing the exact error with v.0.0.9. Please consider re-opening.

target: /home2/***/public_html/staging
rm: true
host: ***
username: ***
key: ***
passphrase: ***
port: 22
timeout: 30s
command_timeout: 10m
strip_components: 0
overwrite: false
proxy_port: 22
proxy_timeout: 30s
/usr/bin/docker run --name c27d31630ce8dd596b4b11b133a6e413a3c5df_00e74d --label c27d31 --workdir /github/workspace --rm -e INPUT_SOURCE -e INPUT_TARGET -e INPUT_RM -e INPUT_HOST -e INPUT_USERNAME -e INPUT_KEY -e INPUT_PASSPHRASE -e INPUT_PORT -e INPUT_PASSWORD -e INPUT_TIMEOUT -e INPUT_COMMAND_TIMEOUT -e INPUT_KEY_PATH -e INPUT_STRIP_COMPONENTS -e INPUT_OVERWRITE -e INPUT_TAR_TMP_PATH -e INPUT_PROXY_HOST -e INPUT_PROXY_PORT -e INPUT_PROXY_USERNAME -e INPUT_PROXY_PASSWORD -e INPUT_PROXY_PASSPHRASE -e INPUT_PROXY_TIMEOUT -e INPUT_PROXY_KEY -e INPUT_PROXY_KEY_PATH -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/naturally-aligned/naturally-aligned":"/github/workspace" c27d31:630ce8dd596b4b11b133a6e413a3c5df
tar all files into /tmp/917139578/xKyRPGoFTR.tar
scp file to server.
2020/05/04 20:01:13 error copy file to dest: ***, error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256]
drone-scp error: error copy file to dest: ***, error message: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256]

@appleboy
Owner

appleboy commented May 5, 2020

@amoravec Could you provide some instructions about how to generate the ssh key, your ssh server version, and related config?

@appleboy appleboy reopened this May 5, 2020
@amoravec

amoravec commented May 5, 2020

I generated the keys with ssh-keygen: 'ssh-keygen -t rsa -b 4096'
Local SSH version : SSH-2.0-OpenSSH_8.0p1 Ubuntu-6build1
The remote server is OpenSSH 7.4.

The server is a hosting provider, I cannot read the configuration, but looking at ssh -vvv, it appears they have locked down the KexAlgorithm to only 'diffie-hellman-group-exchange-sha256'.

debug2: peer server KEXINIT proposal  
debug2: KEX algorithms: diffie-hellman-group-exchange-sha256  
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519  
debug2: ciphers ctos: aes256-ctr,aes192-ctr,aes128-ctr  
debug2: ciphers stoc: aes256-ctr,aes192-ctr,aes128-ctr  
debug2: MACs ctos: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected]  
debug2: MACs stoc: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected]  
debug2: compression ctos: none,zlib@openssh.com  
debug2: compression stoc: none,zlib@openssh.com  
debug2: languages ctos:   
debug2: languages stoc:   
debug2: first_kex_follows 0   
debug2: reserved 0   
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256  
debug1: kex: host key algorithm: ecdsa-sha2-nistp256  
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none  
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none  
debug3: send packet: type 34  
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<8192<8192) sent  
debug3: receive packet: type 31  
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP  
debug2: bits set: 4105/8192  
debug3: send packet: type 32  
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent  
debug3: receive packet: type 33  
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
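
Added example (not part of the thread and not the project's code): a small Go diagnostic that parses the `no common algorithm` error reported above and applies the SSH selection rule, showing that the two key-exchange lists share no entry. The function names are hypothetical and the sample line is constructed from the thread's error text.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Constructed sample: this thread's error text, first client algorithm spelled out.
const sampleErr = "ssh: handshake failed: ssh: no common algorithm for key exchange; " +
	"client offered: [curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 " +
	"ecdh-sha2-nistp521 diffie-hellman-group14-sha1], server offered: [diffie-hellman-group-exchange-sha256]"

var offerRe = regexp.MustCompile(`client offered: \[([^\]]*)\], server offered: \[([^\]]*)\]`)

// ParseOffers extracts both algorithm lists from a "no common algorithm" error.
func ParseOffers(msg string) (client, server []string, ok bool) {
	m := offerRe.FindStringSubmatch(msg)
	if m == nil {
		return nil, nil, false
	}
	return strings.Fields(m[1]), strings.Fields(m[2]), true
}

// Negotiate picks the first entry of the client's list that the server also
// lists (RFC 4253 section 7.1, ignoring the host-key compatibility conditions).
func Negotiate(client, server []string) (string, bool) {
	offered := make(map[string]bool, len(server))
	for _, s := range server {
		offered[s] = true
	}
	for _, c := range client {
		if offered[c] {
			return c, true
		}
	}
	return "", false
}

// Diagnose explains a handshake error line in terms of the two offers.
func Diagnose(msg string) string {
	client, server, ok := ParseOffers(msg)
	if !ok {
		return "not a key-exchange negotiation failure"
	}
	if alg, ok := Negotiate(client, server); ok {
		return "would negotiate " + alg
	}
	return "no overlap; client must enable one of: " + strings.Join(server, ", ")
}

func main() {
	fmt.Println(Diagnose(sampleErr))
}
```

The `unable to authenticate` errors reported later in the thread are a different failure: authentication only starts after key exchange has completed, so key-exchange settings do not affect them.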

@JohannesKuehnel

JohannesKuehnel commented May 22, 2020

@clairmont32 Did you solve your issue? I am running into the same error.

scp file to server.
2020/05/22 11:59:25 error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
drone-scp error: error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

Actions Config:

name: Jekyll site CI

on: 
  push:
    branches:
      - master

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Build the site in the jekyll/builder container
        run: |
          docker run \
          -v ${{ github.workspace }}:/srv/jekyll -v ${{ github.workspace }}/_site:/srv/jekyll/_site \
          jekyll/builder:3.8 /bin/bash -c "chmod 777 /srv/jekyll && jekyll build --future"
      - uses: actions/upload-artifact@master
        with:
          name: _site
          path: _site

  publish:
    runs-on: ubuntu-latest
    needs: build
    steps:
      - uses: actions/download-artifact@v2
        with:
          name: _site
          path: _site
      - name: copy file via ssh
        uses: appleboy/scp-action@master
        with:
          host: ${{ secrets.DEPLOY_HOST }}
          username: ${{ secrets.DEPLOY_USERNAME }}
          key: ${{ secrets.DEPLOY_KEY }}
          passphrase: ${{ secrets.DEPLOY_PW }}
          source: "_site/*"
          target: ${{ secrets.DEPLOY_PATH }}
          strip_components: 1

SSH-Key was generated via ssh-keygen -t ed25519 -a 100 and the public key is in my server's authorized_key file and connecting via console works.

@appleboy
Owner

@clairmont32

clairmont32 commented May 22, 2020

@JohannesKuehnel honestly, I haven't tried in a couple weeks due to various work/life things.

@appleboy I'll give it a try this weekend as well

@appleboy
Owner

@clairmont32 Please update your client ssh config:

  1. open /etc/ssh/ssh_config
  2. update KexAlgorithms setting and add diffie-hellman-group-exchange-sha256

@appleboy
Owner

@clairmont32 I will bump the new version to fix this issue.

appleboy added a commit that referenced this issue May 24, 2020
fix server offered: [diffie-hellman-group-exchange-sha256] error

See #15
@appleboy
Owner

appleboy commented May 24, 2020

@clairmont32 Please try the https://github.com/appleboy/scp-action/releases/tag/v0.1.0 version and update the config as follows:

    - name: use insecure cipher
      uses: appleboy/[email protected]
      with:
        host: ${{ secrets.HOST }}
        username: ${{ secrets.USERNAME }}
        key: ${{ secrets.SSH2 }}
        passphrase: ${{ secrets.PASSPHRASE }}
        port: ${{ secrets.PORT }}
        source: "tests/a.txt,tests/b.txt"
        target: "test"
        use_insecure_cipher: true

You must make sure use_insecure_cipher is set to true.

@clairmont32

@appleboy I copy/pasted the above but kept my source, target, and changed SSH2 to SSHKEY since that's my secret's name. I received the below error. Please let me know if there's anything I need to do on the server side or change within the action.

image

image

@unicornware

@appleboy i used your suggested config, but i'm still receiving the following error:

error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

my config:

      - id: create-secret-files
        name: Create secret files
        run: |
          mkdir -p $SSL_SOURCE

          echo $DOPPLER_PROJECT >> .env.doppler
          echo $DOPPLER_TOKEN >> .env.doppler
          echo $SSL_CERTIFICATE >> $SSL_SOURCE/fullchain.pem
          echo $SSL_CERTIFICATE_KEY >> $SSL_SOURCE/privkey.pem
          echo $SSL_TRUSTED_CERTIFICATE >> $SSL_SOURCE/chain.pem
        env:
          DOPPLER_PROJECT: ${{ secrets.DOPPLER_PROJECT }}
          DOPPLER_TOKEN: ${{ secrets.DOPPLER_TOKEN_VM }}
          SSL_CERTIFICATE: ${{ secrets.SSL_CERTIFICATE }}
          SSL_CERTIFICATE_KEY: ${{ secrets.SSL_CERTIFICATE_KEY }}
          SSL_SOURCE: nginx/ssl/letsencrypt/${{ secrets.HOSTNAME }}
          SSL_TRUSTED_CERTIFICATE: ${{ secrets.SSL_TRUSTED_CERTIFICATE }}
      - id: ssh-root-files
        name: Upload root project files to VM
        uses: appleboy/[email protected]
        with:
          debug: true
          host: ${{ secrets.SSH_HOST }}
          key: ${{ secrets.SSH_KEY }}
          rm: true
          source: .env.doppler,docker-cloud.yml,docker-compose.yml
          target: /opt/sneusers/
          use_insecure_cipher: true
          username: ${{ secrets.SSH_USERNAME }}
      - id: ssh-nginx-config
        name: Upload Nginx configuration to VM
        uses: appleboy/[email protected]
        with:
          debug: true
          host: ${{ secrets.SSH_HOST }}
          key: ${{ secrets.SSH_KEY }}
          rm: true
          source: nginx/
          strip_components: 1
          target: /opt/sneusers/nginx/
          use_insecure_cipher: true
          username: ${{ secrets.SSH_USERNAME }}

@XiangBo-EvanZuo

scp file to server.
2022/04/01 11:45:15 error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain
drone-scp error: error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain

@XiangBo-EvanZuo

I'm so painful, could you help me, sir

@XiangBo-EvanZuo

XiangBo-EvanZuo commented Apr 1, 2022

I use the password and username to copy the dir to the remote machine. Why is there an error here? I can't understand.

@XiangBo-EvanZuo

XiangBo-EvanZuo commented Apr 2, 2022

error password. thx guys.
I hope the error message can be clearer.

@Tikam02

Tikam02 commented Apr 3, 2022

scp file to server.
2022/04/03 14:45:04 error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
drone-scp error: error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

@appleboy Any updates?

@webbyus

webbyus commented Mar 29, 2023

Problem has been fixed

use_insecure_cipher: true

@eskayamadeus

scp file to server.
2022/04/03 14:45:04 error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
drone-scp error: error copy file to dest: ***, error message: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

@appleboy Any updates?

I have the same problem
