libssh2 with rsa-sha2-256, rsa-sha2-512
João M. S. Silva
joao.m.santos.silva at gmail.com
Tue May 16 14:59:32 CEST 2023
>
> The version in the repository does, but the last public release of libssh2
> does not.
> I myself already built a sort of development version of libssh2 for my work
> environment. Without that libssh2 can no longer open RSA key based
> connections to recent OpenSSH server installations, because of the lack of
> rsa-sha2 based signature algorithms.
> Also, beyond OpenSSH installations, general security hardening efforts of
> our customers in the wild flag the rsa-sha1 signatures as woefully insecure
> on a regular basis.
>
> The rsa-sha2 signatures have been in the repository since January 2022.
> They just need a release to be accessible to the broader public.
I built from git but still cannot connect:
Unable to negotiate with 127.0.0.1 port 49796: no matching host key type found. Their offer: ssh-rsa [preauth]
On the client:
$ curl/src/curl -v -T A -u u:p scp://localhost:/home/shared/B
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Trying 127.0.0.1:22...
* Connected to localhost (127.0.0.1) port 22 (#0)
* Found host localhost in /home/shared/.ssh/known_hosts
* Set "rsa-sha2-256,rsa-sha2-512,ssh-rsa" as SSH hostkey type
* Failure establishing ssh session: -5, Unable to exchange encryption keys
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
* Closing connection 0
curl: (2) Failure establishing ssh session: -5, Unable to exchange encryption keys
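
Added example, not part of the original message and not libssh2 or curl code: a plain C sketch of the first-match host key algorithm selection from RFC 4253 section 7.1, run on the two offers visible above (the "ssh-rsa" that sshd logged and the list curl reported setting). The function names are hypothetical, the server list is a constructed assumption (an RSA host key with SHA-1 signatures disabled), and the RFC's extra condition tying the host key algorithm to the key exchange method is left out.

```c
#include <stdio.h>
#include <string.h>

/* Return 1 if the name (len bytes, not NUL-terminated) is an exact entry
 * of the comma-separated list, 0 otherwise. */
static int name_in_list(const char *name, size_t len, const char *list)
{
    while (*list) {
        size_t n = strcspn(list, ",");
        if (n == len && memcmp(list, name, len) == 0)
            return 1;
        list += n;
        if (*list == ',')
            list++;
    }
    return 0;
}

/* Copy into out the first name on the client's list that the server also
 * lists. Returns 1 on a match, 0 if none (names too long for out are skipped). */
int negotiate_hostkey(const char *client, const char *server,
                      char *out, size_t outsz)
{
    while (*client) {
        size_t n = strcspn(client, ",");
        if (n > 0 && n < outsz && name_in_list(client, n, server)) {
            memcpy(out, client, n);
            out[n] = '\0';
            return 1;
        }
        client += n;
        if (*client == ',')
            client++;
    }
    if (outsz)
        out[0] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed server list: rsa-sha2 only, no ssh-rsa (assumption). */
    const char *server = "rsa-sha2-512,rsa-sha2-256";
    /* From the message: the offer sshd logged, and the list curl set. */
    const char *offers[] = { "ssh-rsa", "rsa-sha2-256,rsa-sha2-512,ssh-rsa" };
    char chosen[64];
    for (int i = 0; i < 2; i++) {
        int ok = negotiate_hostkey(offers[i], server, chosen, sizeof chosen);
        printf("%-36s -> %s\n", offers[i], ok ? chosen : "no matching host key type");
    }
    return 0;
}
```

The selection is driven by the list that actually reaches the server, so the sshd-side "Their offer" line is the value to compare against the server's accepted host key algorithms.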