Issue with TScSSHClient HostKeyAlgorithms ecdsa-sha2-nistp256 in SecureBridge version 9.0.1

Discussion of open issues, suggestions and bugs regarding network security and data protection solution - SecureBridge
ajoschi
Posts: 15
Joined: Thu 14 Oct 2010 11:46

Post by ajoschi » Fri 15 May 2020 08:05

Hi,

Short question, because it might be that this is a known issue of the (quite old) version (9.0.1) we are using, and it is already fixed in v9.2:
In our code we use TScSSHClient with HostKeyAlgorithms configured to also support ecdsa-sha2-nistp256:

This is how we configured it in our code:

lScSSHClient.HostKeyAlgorithms.AsString := 'ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521';
However, we have one customer with SSH server configured to accept only ECDSA as host key algorithm and he gets an error with this message:
Negotiation of host key algorithm failed (ssh-rsa,ssh-dss,ecdsa-sha2-,ecdsa-sha2-,ecdsa-sha2- <-> ecdsa-sha2-nistp256)
Since the message is quite strange ("...,ecdsa-sha2-,ecdsa-sha2-,ecdsa-sha2- ...") I wonder if this might be an issue in v9.0.1 which is meanwhile fixed?

Or is there something wrong in our code (in the way we configure the HostKeyAlgorithms)?

Any help would be highly appreciated!

Thx, Ajoschi

ViktorV
Devart Team
Posts: 3168
Joined: Wed 30 Jul 2014 07:16

Re: Issue with TScSSHClient HostKeyAlgorithms ecdsa-sha2-nistp256 in SecureBridge version 9.0.1

Post by ViktorV » Fri 15 May 2020 13:06

Yes, the bug with using ECDSA host key in SSH protocol is fixed in SecureBridge 9.0.2 from 21-Feb-19. You can test the required functionality with SecureBridge Trial Edition, a full-featured time-limited version of SecureBridge Professional Edition: https://www.devart.com/sbridge/download.html

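A way to read the error message from this thread, as an added example that is not part of either post and is not SecureBridge code: it splits the message into the client and server name-lists, applies the host key algorithm selection rule of RFC 4253 section 7.1 in simplified form (first name on the client's list that the server also offers), and flags offered names that are only a prefix of a real algorithm name. The function names are hypothetical; the two strings are the ones quoted in the question.

```python
import re

# Host key algorithm names used in this thread
# (ssh-rsa, ssh-dss: RFC 4253; ecdsa-sha2-nistp*: RFC 5656).
KNOWN_HOST_KEY_ALGS = {
    "ssh-rsa", "ssh-dss",
    "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
}

# Shape of the message quoted in the question: "... (<client list> <-> <server list>)"
_MSG = re.compile(r"\((?P<client>[^()]*?)\s*<->\s*(?P<server>[^()]*?)\)")

def parse_name_list(text):
    """Split a comma-separated SSH name-list, dropping empty entries."""
    return [n.strip() for n in text.split(",") if n.strip()]

def negotiate(client, server):
    """Simplified RFC 4253 7.1 rule: first client name the server also offers."""
    offered = set(server)
    return next((name for name in client if name in offered), None)

def diagnose(message):
    """Return both lists, the agreed algorithm (or None) and truncated names."""
    m = _MSG.search(message)
    if m is None:
        raise ValueError("not a negotiation-failure message of the expected shape")
    client = parse_name_list(m.group("client"))
    server = parse_name_list(m.group("server"))
    truncated = {}
    for name in client:
        if name not in KNOWN_HOST_KEY_ALGS:
            # An unknown name that is a prefix of known names was cut short.
            candidates = sorted(a for a in KNOWN_HOST_KEY_ALGS if a.startswith(name))
            if candidates:
                truncated[name] = candidates
    return {"client": client, "server": server,
            "agreed": negotiate(client, server), "truncated": truncated}

# Both strings are taken from the question above.
CONFIGURED = "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521"
REPORTED = ("Negotiation of host key algorithm failed "
            "(ssh-rsa,ssh-dss,ecdsa-sha2-,ecdsa-sha2-,ecdsa-sha2- <-> ecdsa-sha2-nistp256)")

if __name__ == "__main__":
    result = diagnose(REPORTED)
    print("agreed with the list in the error message:", result["agreed"])
    print("truncated names:", result["truncated"])
    print("agreed with the configured list:",
          negotiate(parse_name_list(CONFIGURED), result["server"]))
```

The configured list does contain a name the server accepts, while the list shown in the error message does not, so the mismatch lies between the configured string and the names the client reported, not in the configuration string itself.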