Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Tue 02 Feb 2021 13:17
by ajoschi
Hi,

We are using Secure Bridge v9.3.1.
In our code we use TScSSHClient with HostKeyAlgorithms configured to also support ecdsa-ssh-ed25519:

This is how we configured it in our code:

lScSSHClient.HostKeyAlgorithms.AsString := 'ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519';

However, we have one test system with SSH server configured to accept only ed25519 as host key algorithm and we get an error with this message:
'The negotiation of host key algorithm is failed (rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 <-> ssh-ed25519)'
Is there something wrong in our code (in the way we configure the HostKeyAlgorithms) or is this a known issue?

Any help would be highly appreciated!

Thx, Ajoschi

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Wed 03 Feb 2021 13:46
by ViktorV
Unfortunately, we could not reproduce the issue.
In order for us to be able to give you a detailed answer, please compose a small sample demonstrating the described behavior with permanent test access and send it to us using the contact form https://devart.com/company/contactform.html

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Wed 03 Feb 2021 15:08
by ajoschi
Hello Viktor,

Thank you for your fast reply!

In fact I can easily reproduce this with the Demo project "SSHClient.dproj" which ships with SecureBridge.

1. Build and Start the Project.
2. Enter fields "SSH Server", "User name", and "Password"
3. Press "Connect SSH" button.
-> Error message: 'The negotiation of host key algorithm is failed (rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss <-> ssh-ed25519)'

If you could tell me what to do (how to modify) the "SSHClient.dproj" sample so that this should work, I'm pretty sure I will find a solution for my code too.

Thx, Ajoschi
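
An added diagnostic sketch, not part of the thread and not SecureBridge code: it parses the error message quoted in the first post, applies the RFC 4253 host key selection rule, and compares the offered list with the configured HostKeyAlgorithms string. It assumes the list left of `<->` is the client's offer and the right one is the server's; all function names are hypothetical.

```python
import re

# Message shape quoted in the posts: "... (client,list <-> server,list)".
# Assumption: left list = offered by the client, right list = offered by the server.
_LISTS = re.compile(r"\(([^()]*?)\s*<->\s*([^()]*?)\)")

def _names(csv):
    return [n.strip() for n in csv.split(",") if n.strip()]

def _unique(names):
    return list(dict.fromkeys(names))  # drops repeats, keeps first-seen order

def negotiate(client, server):
    """RFC 4253 section 7.1, simplified: the first name on the client's list
    that the server also lists is chosen; None means negotiation fails."""
    return next((n for n in client if n in server), None)

def diagnose(configured, message):
    """Compare the application's configured list with the lists in the error."""
    m = _LISTS.search(message)
    if m is None:
        raise ValueError("no '(client <-> server)' lists in message")
    raw_client, server = _names(m.group(1)), _unique(_names(m.group(2)))
    client, wanted = _unique(raw_client), _unique(_names(configured))
    return {
        "client_offered": client,
        "server_offered": server,
        "negotiated": negotiate(client, server),
        "configured_not_offered": [n for n in wanted if n not in client],
        "offered_not_configured": [n for n in client if n not in wanted],
        "repeated": [n for n in client if raw_client.count(n) > 1],
    }

# Both strings are copied from the first post of this thread.
CONFIGURED = "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519"
MESSAGE = "The negotiation of host key algorithm is failed (rsa-sha2-256,rsa-sha2-512,ssh-rsa,ssh-dss,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256 <-> ssh-ed25519)"

if __name__ == "__main__":
    for key, value in diagnose(CONFIGURED, MESSAGE).items():
        print(f"{key}: {value}")
```

A non-empty `configured_not_offered` means the client's offer on the wire does not match the application's setting, and `offered_not_configured` lists names that were offered without being in that setting.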

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Fri 05 Feb 2021 12:29
by ViktorV
The issue might be related to your specific SSH server, so we asked for test access.
Therefore, as we already wrote, in order for us to be able to give you a detailed answer, please compose a small sample demonstrating the described behavior with permanent test access and send it to us using the contact form https://devart.com/company/contactform.html

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Mon 08 Feb 2021 12:39
by ajoschi
Hello Viktor,

Because of security reasons we cannot give you direct access to this test system.
However, this is a debian9 VM on HyperV.
If it would help, I could provide a snapshot of the VM.

Please let me know if this would do.

Thx,
Ajoschi

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Mon 08 Feb 2021 13:02
by ViktorV
If the issue can be easily reproduced on this snapshot, please upload it to a file hosting service and send us the download link via https://devart.com/company/contactform.html

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Tue 09 Feb 2021 15:59
by ajoschi
Hello Viktor,

I have used the link you provided to give you access information to a server to reproduce this.

Thx,
Ajoschi

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Tue 09 Feb 2021 16:56
by ViktorV
Thank you for the information.
We have received your example and have begun to explore it.
We will inform you when we have any results.

Re: Issue with TScSSHClient HostKeyAlgorithms ssh-ed25519 in SecureBridge version 9.3.1

Posted: Fri 26 Mar 2021 12:57
by ViktorV
Thank you for the information. We have reproduced and fixed the issue. This fix will be included in the next build of SecureBridge, which we're planning to release next week.