The negotiation of host key verification algorithm is failed

Discussion of open issues, suggestions and bugs regarding network security and data protection solution - SecureBridge
Post Reply
snorkel
Posts: 384
Joined: Tue 08 Aug 2006 15:10
Location: Milwaukee WI USA

The negotiation of host key verification algorithm is failed

Post by snorkel » Mon 09 Feb 2009 20:38

I have a client that is getting the error in the subject.

I had the user do a ssh -v while logged in to get he version number:

dhatoffice@05 ~ : ssh -v
OpenSSH_4.5p1 FreeBSD-20061110, OpenSSL 0.9.7e-p1 25 Oct 2004

They are using this hosting service:
http://highspeedrails.com/

The user reports he can connect via putty.exe without issue, but when using my app that uses SB, he gets:
The negotiation of host key verification algorithm is failed
Top
Dimon
Devart Team
Posts: 2910
Joined: Mon 05 Mar 2007 16:32

Post by Dimon » Tue 10 Feb 2009 07:40

In order to solve the problem try to set the TScSSHClient.HostKeyAlgorithms.AsString property to 'ssh-rsa,ssh-dss'.
Top
snorkel
Posts: 384
Joined: Tue 08 Aug 2006 15:10
Location: Milwaukee WI USA

Post by snorkel » Tue 10 Feb 2009 14:38

Dimon wrote:In order to solve the problem try to set the TScSSHClient.HostKeyAlgorithms.AsString property to 'ssh-rsa,ssh-dss'.
I am pretty sure it's already set to that, but will double check.
Top
snorkel
Posts: 384
Joined: Tue 08 Aug 2006 15:10
Location: Milwaukee WI USA

Post by snorkel » Wed 11 Feb 2009 02:42

snorkel wrote:
Dimon wrote:In order to solve the problem try to set the TScSSHClient.HostKeyAlgorithms.AsString property to 'ssh-rsa,ssh-dss'.
I am pretty sure it's already set to that, but will double check.
I was wrong, it was set to rsa only.

How do I set it to both in code at runtime?

Thanks,

Snorkel
Top
snorkel
Posts: 384
Joined: Tue 08 Aug 2006 15:10
Location: Milwaukee WI USA

Post by snorkel » Wed 11 Feb 2009 02:59

snorkel wrote:
snorkel wrote:
Dimon wrote:In order to solve the problem try to set the TScSSHClient.HostKeyAlgorithms.AsString property to 'ssh-rsa,ssh-dss'.
I am pretty sure it's already set to that, but will double check.
I was wrong, it was set to rsa only.

How do I set it to both in code at runtime?

Thanks,

Snorkel
This seemed to work:

dsa:= TScSSHHostKeyAlgorithmItem(fclient.HostKeyAlgorithms.Add);
dsa.Algorithm:=aadsa;

Don't know if that is best practice or not though.
Top
Dimon
Devart Team
Posts: 2910
Joined: Mon 05 Mar 2007 16:32

Post by Dimon » Wed 11 Feb 2009 13:19

It is right. But the simpler way is the following code:

Code: Select all

Client.HostKeyAlgorithms.AsString := 'ssh-rsa,ssh-dss';
Top
snorkel
Posts: 384
Joined: Tue 08 Aug 2006 15:10
Location: Milwaukee WI USA

Post by snorkel » Wed 11 Feb 2009 16:29

Dimon wrote:It is right. But the simpler way is the following code:

Code: Select all

Client.HostKeyAlgorithms.AsString := 'ssh-rsa,ssh-dss';
Yes, that is much nicer. Thanks for the tip :-)
I recompiled it so hopefully that takes care of the issue my client was seeing.

Thanks again,

Snorkel
Top
Post Reply

Return to “SecureBridge”