problem with key exchange algorithm

Matthew Fleming mgflem at gmail.com
Fri Feb 25 02:39:07 CET 2022


Hi,

I have an application using libssh2 that was working fine until I moved to
a new server running Ubuntu 20.04 LTS, from one running Ubuntu 18.04 LTS.
Now libssh2_session_handshake() on the client fails with result code
LIBSSH2_ERROR_KEX_FAILURE and libssh2_session_last_error() reports "Unable
to exchange keys".  Auth.log on the server reports:

sshd[21850]: Unable to negotiate with 104.48.39.9 port 57156: no matching
key exchange method found. Their offer:
diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
[preauth]

This seems odd for a few reasons. I rebuilt the client app with the latest
version of libssh2, and this is supposed to also support
diffie-hellman-group-exchange-sha256, but that wasn't offered. Also the
version of openssh on the Ubuntu server supposedly supports the key
exchange methods that were offered but apparently rejected.

I tried adding
KexAlgorithms +diffie-hellman-group1-sha
to /etc/ssh_config (and then restarting ssh) but it made no difference.

I can ssh and sftp to the server using various clients without any problem.
The issue is only with trying to sftp using libssh2.

I'd really appreciate some help with this. I've already spent a lot of time
on it.Thanks in advance.

Matthew Fleming, MD
Fleming Dermatopathology
Milwaukee, WI USA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.haxx.se/pipermail/libssh2-devel/attachments/20220224/5b69b16a/attachment.htm>


More information about the libssh2-devel mailing list