Issue with TScSSHClient HostKeyAlgorithms ecdsa-sha2-nistp256 in SecureBridge version 9.0.1

Posted: Fri 15 May 2020 08:05
by ajoschi
Hi,

Short question, because it might be that this is a known issue of the (quite old) version (9.0.1) we are using, and it is already fixed in v9.2:
In our code we use TScSSHClient with HostKeyAlgorithms configured to also support ecdsa-sha2-nistp256:

This is how we configured it in our code:

lScSSHClient.HostKeyAlgorithms.AsString := 'ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521';
However, we have one customer with SSH server configured to accept only ECDSA as host key algorithm and he gets an error with this message:
Negotiation of host key algorithm failed (ssh-rsa,ssh-dss,ecdsa-sha2-,ecdsa-sha2-,ecdsa-sha2- <-> ecdsa-sha2-nistp256)
Since the message is quite strange ("...,ecdsa-sha2-,ecdsa-sha2-,ecdsa-sha2- ...") I wonder if this might be an issue in v9.0.1 which is meanwhile fixed?

Or is there something wrong in our code (in the way we configure the HostKeyAlgorithms)?

Any help would be highly appreciated!

Thx, Ajoschi

Re: Issue with TScSSHClient HostKeyAlgorithms ecdsa-sha2-nistp256 in SecureBridge version 9.0.1

Posted: Fri 15 May 2020 13:06
by ViktorV
Yes, the bug with using ECDSA host key in SSH protocol is fixed in SecureBridge 9.0.2 of 21-Feb-19. You can test the required functionality with SecureBridge Trial Edition, a full-featured time-limited version of SecureBridge Professional Edition: https://www.devart.com/sbridge/download.html
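
Added example, not part of the thread and not Devart's code: a Python sketch of the host key algorithm selection rule from RFC 4253 section 7.1, simplified to "first name on the client's list that the server also offers", applied to the two lists printed in the error message above and to the list configured in the first post. The function names are made up for this illustration.

```python
import re

# Both strings are copied from the first post in the thread.
ERROR = ("Negotiation of host key algorithm failed "
         "(ssh-rsa,ssh-dss,ecdsa-sha2-,ecdsa-sha2-,ecdsa-sha2- <-> ecdsa-sha2-nistp256)")
CONFIGURED = "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"


def parse_failure(message):
    """Split the '(client <-> server)' part of the message into two name-lists."""
    m = re.search(r"\((.*?)\s*<->\s*(.*?)\)", message)
    if not m:
        raise ValueError("not a negotiation failure message")
    return m.group(1).split(","), m.group(2).split(",")


def negotiate(client, server):
    """Simplified RFC 4253 7.1 rule: names are compared as exact strings and
    the first client entry the server also offers wins (None if no overlap).
    The RFC's extra key-exchange compatibility conditions are left out."""
    offered = set(server)
    return next((name for name in client if name in offered), None)


def truncated(client, server):
    """Client entries that are a strict prefix of a server name.
    Exact matching means such entries can never be selected."""
    return sorted({c for c in client for s in server
                   if s != c and s.startswith(c)})


def diagnose(message, configured):
    printed, server = parse_failure(message)
    return {
        "with_printed_list": negotiate(printed, server),
        "with_configured_list": negotiate(configured.split(","), server),
        "truncated_entries": truncated(printed, server),
    }


if __name__ == "__main__":
    for key, value in diagnose(ERROR, CONFIGURED).items():
        print(f"{key}: {value}")
```

With the list as printed in the message there is no common name, while the list as configured would select ecdsa-sha2-nistp256, which matches the failure being on the client library side rather than in the configuration string.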