• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

CREDSSP Oracle RDP issue

mantis

Administrator
Staff member
#1
If you are receiving this error "A CredSSP authentication to <hostname> failed to negotiate a common protocol version. The remote host offered version <Protocol Version> which is not permitted by Encryption Oracle Remediation." while trying to RDP to a server it means it is on a older patch update then the client you are currently on. You should update immediately that host and you will resolve this issue.

https://support.microsoft.com/en-gb/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018


To temporarily get around it do the following; (Credits go to "tyvukeri" on reddit) https://www.reddit.com/r/sysadmin/comments/8i4coq

Start -> Run - 'regedit' Navigate to 'Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\'
Right click the 'System' folder, select 'New' -> 'Key', Name it 'CredSSP'
Right click the new 'CredSSP' folder, select 'New' -> 'Key', Name it 'Parameters'
With the 'Parameters' folder selected, right click the left portion of the screen, select 'New' -> 'DWORD'
Name the new DWORD 'AllowEncryptionOracle'
Right click 'AllowEncryptionOracle' and select 'Modify'. Set the Value Data to '00000002'

Once you have updated your host be sure to remove this key/entry.
 

Attachments

Last edited: