From libssh2-devel-bounces@cool.haxx.se Tue Jun 13 13:06:32 2017 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTP id v5DB5jD4000482; Tue, 13 Jun 2017 13:06:24 +0200 Received: from mail-qt0-x231.google.com (mail-qt0-x231.google.com [IPv6:2607:f8b0:400d:c0d:0:0:0:231]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTPS id v5DB5hN7000441 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Tue, 13 Jun 2017 13:05:43 +0200 Received: by mail-qt0-x231.google.com with SMTP id c10so165993512qtd.1 for ; Tue, 13 Jun 2017 04:05:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=Uhcu97ZW4+4QeXMaoXu50S99Am8AEgaZrNkMhH2dbOU=; b=FYKAhyIojswgdNTA+q0TOADg+U2aSN2MZap+S1V0YtXgnRMLiMWZanuOXpu3468dTg dk1QAD/ylbLQQkH9uFe3t9NAZ7Zh57S6jSBzvAHmJZ78k8WYW2ZzCrvnfD20hetNH1yv 9K7VtakOgsX7vf6yTFT0Ia/gNuVnT+c3CSAn0QjHOGfiIV9biTWZk3uQQpIGk0d6LSvy /yAPAynfYwJj+5gaoKbohm0MALAS+llxKwbGdU1MxGlrbYWQ7/eWpKbe5x7ZDbITXqzI n8jCTDvpeLfUmGyTeHvAqQ9ku3MwQeaVf/dsNCE8Q+u5+lpP+jCH37IB8oadua6wRPXp 8txg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=Uhcu97ZW4+4QeXMaoXu50S99Am8AEgaZrNkMhH2dbOU=; b=ix2AzD6qSi6ZwRuU2z2H+RWZk8T8vYna3sbuxPy0+qckYgFzof+EyFScgdSe7LfYQl LiUr3O6lnFzHt1yis383xx8Vbgx1UaYHLcCu4GPjujQ6fuPPUv0+Vjfy7hfOH9/kL+oj 1VQeBZc/avRWSCwNgzv3tZWjFz0IC3tskhd4pUiiQri4yvCHf6OMjyAIbuYXRNjdJh6+ 32hHkASO1/vAfhnFxi5yNkkwWRG36aFR6dgA3TAO4i0VfsSJSFc0E4SvXAzcvW1BXO92 UIHfaEa4Z50vNpipc54Bdo6vgC94LCp+HK+eZ8x3PankTskc/sreUSPn+s96/3JZ2Ez5 fK5Q== X-Gm-Message-State: AKS2vOzhMD+URA3YRl5AZBm260OXcPKqiaZXsntCa4xQxKZjjMcHKKfb fxS6X0YH9pdM/DimS0HJ+Keq4fQaodKE X-Received: by 10.55.104.210 with SMTP id d201mr6764495qkc.159.1497351936460; Tue, 13 Jun 2017 04:05:36 -0700 (PDT) MIME-Version: 1.0 Received: by 10.12.135.197 with HTTP; Tue, 13 Jun 2017 04:05:16 -0700 (PDT) In-Reply-To: References: Date: Tue, 13 Jun 2017 14:05:16 +0300 Message-ID: Subject: Re: Failed to exchange encryption keys when connect to Debian To: libssh2 development X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.22 Precedence: list List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Moti Avrahami via libssh2-devel Reply-To: libssh2 development Cc: Moti Avrahami Content-Type: multipart/mixed; boundary="===============2066518902==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" --===============2066518902== Content-Type: multipart/alternative; boundary="94eb2c05a84446cec10551d56a54" --94eb2c05a84446cec10551d56a54 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Jun 28, 2016 at 12:34 PM, Moti Avrahami wrote: > Hi, > > > > I failed to connect to the SFTP server =E2=80=93 SSH-2.0-OpenSSH_6.0p1 > Debian-4+deb7u4. > > I am using curl.exe (7.47.1) with libssh2 (1.7.0) and openSSL (0.9.8) and > get the error: > > [libssh2] 0.506250 Failure Event: -5 - Unable to exchange encryption keys > > * Failure establishing ssh session > > > > Do you know what can be the cause? > > Maybe this doesn=E2=80=99t support the libssh2 algorithms? > > > > Thanks, > > Moti > > > > By the way, this is the full trace: > > [libssh2] 0.459375 Conn: Setting blocking mode OFF > > [libssh2] 0.459375 Transport: session_startup for socket 156 > > [libssh2] 0.459375 Transport: Sending Banner: SSH-2.0-libssh2_1.7.0 > > [libssh2] 0.459375 Socket: Sent 23/23 bytes at 004DA6C0+0 > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Socket: Recved 1 bytes banner > > [libssh2] 0.537500 Transport: Received Banner: SSH-2.0-OpenSSH_6.0p1 > Debian-4+deb7u4 > > [libssh2] 0.615625 Key Ex: Sent KEX: diffie-hellman-group-exchange- > sha256,diffie-hellman-group-exchange-sha1,diffie-hellman- > group14-sha1,diffie-hellman-group1-sha1 > > [libssh2] 0.615625 Key Ex: Sent HOSTKEY: ssh-rsa,ssh-dss > > [libssh2] 0.615625 Key Ex: Sent CRYPT_CS: aes256-cbc,rijndael-cbc@ > lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc, > arcfour128,arcfour,cast128-cbc,3des-cbc > > [libssh2] 0.615625 Key Ex: Sent CRYPT_SC: aes256-cbc,rijndael-cbc@ > lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-cbc, > arcfour128,arcfour,cast128-cbc,3des-cbc > > [libssh2] 0.615625 Key Ex: Sent MAC_CS: hmac-sha2-256,hmac-sha2-512, > hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160= @ > openssh.com > > [libssh2] 0.615625 Key Ex: Sent MAC_SC: hmac-sha2-256,hmac-sha2-512, > hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,hmac-ripemd160= @ > openssh.com > > [libssh2] 0.615625 Key Ex: Sent COMP_CS: none > > [libssh2] 0.615625 Key Ex: Sent COMP_SC: none > > [libssh2] 0.615625 Key Ex: Sent LANG_CS: > > [libssh2] 0.615625 Key Ex: Sent LANG_SC: > > =3D> libssh2_transport_write plain (663 bytes) > > 0000: 14 30 B0 BB FA 02 DA BC 09 75 DA 15 A5 20 E6 B2 : .0=C2=B0=C2=BB= =D7=AA..=C2=BC > u..=C2=A5 =D7=96=C2=B2 > > 0010: 80 00 00 00 7E 64 69 66 66 69 65 2D 68 65 6C 6C : ....~diffie-hell > > 0020: 6D 61 6E 2D 67 72 6F 75 70 2D 65 78 63 68 61 6E : man-group-exchan > > 0030: 67 65 2D 73 68 61 32 35 36 2C 64 69 66 66 69 65 : ge-sha256,diffie > > 0040: 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 70 2D 65 : -hellman-group-e > > 0050: 78 63 68 61 6E 67 65 2D 73 68 61 31 2C 64 69 66 : xchange-sha1,dif > > 0060: 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 : fie-hellman-grou > > 0070: 70 31 34 2D 73 68 61 31 2C 64 69 66 66 69 65 2D : p14-sha1,diffie- > > 0080: 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 70 31 2D 73 : hellman-group1-s > > 0090: 68 61 31 00 00 00 0F 73 73 68 2D 72 73 61 2C 73 : ha1....ssh-rsa,s > > 00a0: 73 68 2D 64 73 73 00 00 00 71 61 65 73 32 35 36 : sh-dss...qaes256 > > 00b0: 2D 63 62 63 2C 72 69 6A 6E 64 61 65 6C 2D 63 62 : -cbc,rijndael-cb > > 00c0: 63 40 6C 79 73 61 74 6F 72 2E 6C 69 75 2E 73 65 : c@lysator.liu.se > > 00d0: 2C 61 65 73 31 39 32 2D 63 62 63 2C 61 65 73 31 : ,aes192-cbc,aes1 > > 00e0: 32 38 2D 63 62 63 2C 62 6C 6F 77 66 69 73 68 2D : 28-cbc,blowfish- > > 00f0: 63 62 63 2C 61 72 63 66 6F 75 72 31 32 38 2C 61 : cbc,arcfour128,a > > 0100: 72 63 66 6F 75 72 2C 63 61 73 74 31 32 38 2D 63 : rcfour,cast128-c > > 0110: 62 63 2C 33 64 65 73 2D 63 62 63 00 00 00 71 61 : bc,3des-cbc...qa > > 0120: 65 73 32 35 36 2D 63 62 63 2C 72 69 6A 6E 64 61 : es256-cbc,rijnda > > 0130: 65 6C 2D 63 62 63 40 6C 79 73 61 74 6F 72 2E 6C : el-cbc@lysator.l > > 0140: 69 75 2E 73 65 2C 61 65 73 31 39 32 2D 63 62 63 : iu.se,aes192-cbc > > 0150: 2C 61 65 73 31 32 38 2D 63 62 63 2C 62 6C 6F 77 : ,aes128-cbc,blow > > 0160: 66 69 73 68 2D 63 62 63 2C 61 72 63 66 6F 75 72 : fish-cbc,arcfour > > 0170: 31 32 38 2C 61 72 63 66 6F 75 72 2C 63 61 73 74 : 128,arcfour,cast > > 0180: 31 32 38 2D 63 62 63 2C 33 64 65 73 2D 63 62 63 : 128-cbc,3des-cbc > > 0190: 00 00 00 71 68 6D 61 63 2D 73 68 61 32 2D 32 35 : ...qhmac-sha2-25 > > 01a0: 36 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 2C : 6,hmac-sha2-512, > > 01b0: 68 6D 61 63 2D 73 68 61 31 2C 68 6D 61 63 2D 73 : hmac-sha1,hmac-s > > 01c0: 68 61 31 2D 39 36 2C 68 6D 61 63 2D 6D 64 35 2C : ha1-96,hmac-md5, > > 01d0: 68 6D 61 63 2D 6D 64 35 2D 39 36 2C 68 6D 61 63 : hmac-md5-96,hmac > > 01e0: 2D 72 69 70 65 6D 64 31 36 30 2C 68 6D 61 63 2D : -ripemd160,hmac- > > 01f0: 72 69 70 65 6D 64 31 36 30 40 6F 70 65 6E 73 73 : ripemd160@openss > > 0200: 68 2E 63 6F 6D 00 00 00 71 68 6D 61 63 2D 73 68 : h.com...qhmac-sh > > 0210: 61 32 2D 32 35 36 2C 68 6D 61 63 2D 73 68 61 32 : a2-256,hmac-sha2 > > 0220: 2D 35 31 32 2C 68 6D 61 63 2D 73 68 61 31 2C 68 : -512,hmac-sha1,h > > 0230: 6D 61 63 2D 73 68 61 31 2D 39 36 2C 68 6D 61 63 : mac-sha1-96,hmac > > 0240: 2D 6D 64 35 2C 68 6D 61 63 2D 6D 64 35 2D 39 36 : -md5,hmac-md5-96 > > 0250: 2C 68 6D 61 63 2D 72 69 70 65 6D 64 31 36 30 2C : ,hmac-ripemd160, > > 0260: 68 6D 61 63 2D 72 69 70 65 6D 64 31 36 30 40 6F : hmac-ripemd160@o > > 0270: 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 04 6E 6F : penssh.com....no > > 0280: 6E 65 00 00 00 04 6E 6F 6E 65 00 00 00 00 00 00 : ne....none...... > > 0290: 00 00 00 00 00 00 00 : ....... > > [libssh2] 0.615625 Socket: Sent 832/832 bytes at 021D393C > > =3D> libssh2_transport_write send() (832 bytes) > > 0000: 00 00 03 3C A4 14 30 B0 BB FA 02 DA BC 09 75 DA : ...<..0=C2=B0=C2= =BB=D7=AA..=C2=BC > u. > > 0010: 15 A5 20 E6 B2 80 00 00 00 7E 64 69 66 66 69 65 : .=C2=A5 =D7=96= =C2=B2....~diffie > > 0020: 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F 75 70 2D 65 : -hellman-group-e > > 0030: 78 63 68 61 6E 67 65 2D 73 68 61 32 35 36 2C 64 : xchange-sha256,d > > 0040: 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 : iffie-hellman-gr > > 0050: 6F 75 70 2D 65 78 63 68 61 6E 67 65 2D 73 68 61 : oup-exchange-sha > > 0060: 31 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 6E : 1,diffie-hellman > > 0070: 2D 67 72 6F 75 70 31 34 2D 73 68 61 31 2C 64 69 : -group14-sha1,di > > 0080: 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F : ffie-hellman-gro > > 0090: 75 70 31 2D 73 68 61 31 00 00 00 0F 73 73 68 2D : up1-sha1....ssh- > > 00a0: 72 73 61 2C 73 73 68 2D 64 73 73 00 00 00 71 61 : rsa,ssh-dss...qa > > 00b0: 65 73 32 35 36 2D 63 62 63 2C 72 69 6A 6E 64 61 : es256-cbc,rijnda > > 00c0: 65 6C 2D 63 62 63 40 6C 79 73 61 74 6F 72 2E 6C : el-cbc@lysator.l > > 00d0: 69 75 2E 73 65 2C 61 65 73 31 39 32 2D 63 62 63 : iu.se,aes192-cbc > > 00e0: 2C 61 65 73 31 32 38 2D 63 62 63 2C 62 6C 6F 77 : ,aes128-cbc,blow > > 00f0: 66 69 73 68 2D 63 62 63 2C 61 72 63 66 6F 75 72 : fish-cbc,arcfour > > 0100: 31 32 38 2C 61 72 63 66 6F 75 72 2C 63 61 73 74 : 128,arcfour,cast > > 0110: 31 32 38 2D 63 62 63 2C 33 64 65 73 2D 63 62 63 : 128-cbc,3des-cbc > > 0120: 00 00 00 71 61 65 73 32 35 36 2D 63 62 63 2C 72 : ...qaes256-cbc,r > > 0130: 69 6A 6E 64 61 65 6C 2D 63 62 63 40 6C 79 73 61 : ijndael-cbc@lysa > > 0140: 74 6F 72 2E 6C 69 75 2E 73 65 2C 61 65 73 31 39 : tor.liu.se,aes19 > > 0150: 32 2D 63 62 63 2C 61 65 73 31 32 38 2D 63 62 63 : 2-cbc,aes128-cbc > > 0160: 2C 62 6C 6F 77 66 69 73 68 2D 63 62 63 2C 61 72 : ,blowfish-cbc,ar > > 0170: 63 66 6F 75 72 31 32 38 2C 61 72 63 66 6F 75 72 : cfour128,arcfour > > 0180: 2C 63 61 73 74 31 32 38 2D 63 62 63 2C 33 64 65 : ,cast128-cbc,3de > > 0190: 73 2D 63 62 63 00 00 00 71 68 6D 61 63 2D 73 68 : s-cbc...qhmac-sh > > 01a0: 61 32 2D 32 35 36 2C 68 6D 61 63 2D 73 68 61 32 : a2-256,hmac-sha2 > > 01b0: 2D 35 31 32 2C 68 6D 61 63 2D 73 68 61 31 2C 68 : -512,hmac-sha1,h > > 01c0: 6D 61 63 2D 73 68 61 31 2D 39 36 2C 68 6D 61 63 : mac-sha1-96,hmac > > 01d0: 2D 6D 64 35 2C 68 6D 61 63 2D 6D 64 35 2D 39 36 : -md5,hmac-md5-96 > > 01e0: 2C 68 6D 61 63 2D 72 69 70 65 6D 64 31 36 30 2C : ,hmac-ripemd160, > > 01f0: 68 6D 61 63 2D 72 69 70 65 6D 64 31 36 30 40 6F : hmac-ripemd160@o > > 0200: 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 71 68 6D : penssh.com...qhm > > 0210: 61 63 2D 73 68 61 32 2D 32 35 36 2C 68 6D 61 63 : ac-sha2-256,hmac > > 0220: 2D 73 68 61 32 2D 35 31 32 2C 68 6D 61 63 2D 73 : -sha2-512,hmac-s > > 0230: 68 61 31 2C 68 6D 61 63 2D 73 68 61 31 2D 39 36 : ha1,hmac-sha1-96 > > 0240: 2C 68 6D 61 63 2D 6D 64 35 2C 68 6D 61 63 2D 6D : ,hmac-md5,hmac-m > > 0250: 64 35 2D 39 36 2C 68 6D 61 63 2D 72 69 70 65 6D : d5-96,hmac-ripem > > 0260: 64 31 36 30 2C 68 6D 61 63 2D 72 69 70 65 6D 64 : d160,hmac-ripemd > > 0270: 31 36 30 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 : 160@openssh.com. > > 0280: 00 00 04 6E 6F 6E 65 00 00 00 04 6E 6F 6E 65 00 : ...none....none. > > 0290: 00 00 00 00 00 00 00 00 00 00 00 00 44 EC 14 45 : ............D=D7= =9C.E > > 02a0: D8 CB 8F 55 8E AA 05 C1 1B 5E F1 C6 CF 83 68 52 : =D7=B4..U.=C3=97= ...^=D7=A1..=C6=92hR > > 02b0: 3A 38 3A FE 39 4E C1 98 A2 BA 7F D0 B4 C4 A9 7C : :8:.9N..=C2=A2= =C3=B7.=D7=80=C2=B4.=C2=A9| > > 02c0: 24 8F 3F 73 40 4D DB 09 D0 C5 6E F4 9B 7E 51 7D : $.?s@M. =D7=80.n= =D7=A4=E2=80=BA~Q} > > 02d0: 26 67 F7 C3 F3 00 3B 4E AE 5D 50 28 4E D4 A6 6A : &g=D7=A7.=D7=A3.= ;N=C2=AE]P(N=D7=B0=C2=A6j > > 02e0: 26 13 3C AF C1 22 17 53 57 05 7E 2E B2 37 79 97 : &.<=C2=AF.".SW.~= .=C2=B27y=E2=80=94 > > 02f0: 19 AA C8 F5 C1 92 70 63 64 F5 F2 F8 D5 88 18 F8 : .=C3=97.=D7=A5.= =E2=80=99pcd=D7=A5=D7=A2=D7=A8=D7=B1..=D7=A8 > > 0300: 86 3C 7C 58 D4 8D 2C 1E 44 EF CC B7 58 68 B4 DE : =E2=80=A0<|X=D7= =B0.,.D=D7=9F.=C2=B7Xh=C2=B4. > > 0310: 44 21 D9 9C D0 8D AE 9C EA DB 4D 1C 6A F2 FD 46 : D!..=D7=80.=C2= =AE.=D7=9A.M.j=D7=A2.F > > 0320: 7F A3 1B 45 23 FA 32 CA 7E D3 A6 B8 B4 CC CB 1B : .=C2=A3.E#=D7=AA= 2.~=D7=83=C2=A6=C2=B8=C2=B4... > > 0330: CD 6E 01 D1 3B 6D 65 B8 BE 69 12 D4 38 E7 08 8E : .n..;me=C2=B8=C2= =BEi.=D7=B08=D7=97.. > > [libssh2] 0.615625 Transport: Looking for packet of type: 20 > > 0 0 0 0 0 0 0 0 --:--:-- --:--:-- > --:--:-- 0[libssh2] 0.693750 Socket: Recved 392/16384 bytes to > 021CF914+0 > > =3D> libssh2_transport_read() raw (392 bytes) > > 0000: 00 00 01 84 07 14 AA 25 A8 63 3D 62 7D 7A 1F AC : ...=E2=80=9E..= =C3=97%=C2=A8c=3Db}z.=C2=AC > > 0010: 96 7D 83 EA 31 9C 00 00 00 5D 65 63 64 68 2D 73 : =E2=80=93}=C6=92= =D7=9A1....]ecdh-s > > 0020: 68 61 32 2D 6E 69 73 74 70 35 32 31 2C 65 63 64 : ha2-nistp521,ecd > > 0030: 68 2D 73 68 61 32 2D 6E 69 73 74 70 33 38 34 2C : h-sha2-nistp384, > > 0040: 65 63 64 68 2D 73 68 61 32 2D 6E 69 73 74 70 32 : ecdh-sha2-nistp2 > > 0050: 35 36 2C 64 69 66 66 69 65 2D 68 65 6C 6C 6D 61 : 56,diffie-hellma > > 0060: 6E 2D 67 72 6F 75 70 2D 65 78 63 68 61 6E 67 65 : n-group-exchange > > 0070: 2D 73 68 61 32 35 36 00 00 00 23 73 73 68 2D 72 : -sha256...#ssh-r > > 0080: 73 61 2C 73 73 68 2D 64 73 73 2C 65 63 64 73 61 : sa,ssh-dss,ecdsa > > 0090: 2D 73 68 61 32 2D 6E 69 73 74 70 35 32 31 00 00 : -sha2-nistp521.. > > 00a0: 00 20 61 65 73 32 35 36 2D 63 74 72 2C 61 65 73 : . aes256-ctr,aes > > 00b0: 31 39 32 2D 63 74 72 2C 61 65 73 31 32 38 2D 63 : 192-ctr,aes128-c > > 00c0: 74 72 00 00 00 20 61 65 73 32 35 36 2D 63 74 72 : tr... aes256-ctr > > 00d0: 2C 61 65 73 31 39 32 2D 63 74 72 2C 61 65 73 31 : ,aes192-ctr,aes1 > > 00e0: 32 38 2D 63 74 72 00 00 00 2A 68 6D 61 63 2D 72 : 28-ctr...*hmac-r > > 00f0: 69 70 65 6D 64 31 36 30 2C 68 6D 61 63 2D 73 68 : ipemd160,hmac-sh > > 0100: 61 32 2D 32 35 36 2C 68 6D 61 63 2D 73 68 61 32 : a2-256,hmac-sha2 > > 0110: 2D 35 31 32 00 00 00 2A 68 6D 61 63 2D 72 69 70 : -512...*hmac-rip > > 0120: 65 6D 64 31 36 30 2C 68 6D 61 63 2D 73 68 61 32 : emd160,hmac-sha2 > > 0130: 2D 32 35 36 2C 68 6D 61 63 2D 73 68 61 32 2D 35 : -256,hmac-sha2-5 > > 0140: 31 32 00 00 00 15 6E 6F 6E 65 2C 7A 6C 69 62 40 : 12....none,zlib@ > > 0150: 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 00 00 15 6E : openssh.com....n > > 0160: 6F 6E 65 2C 7A 6C 69 62 40 6F 70 65 6E 73 73 68 : one,zlib@openssh > > 0170: 2E 63 6F 6D 00 00 00 00 00 00 00 00 00 00 00 00 : .com............ > > 0180: 00 00 00 00 00 00 00 00 : ........ > > =3D> libssh2_transport_read() plain (380 bytes) > > 0000: 14 AA 25 A8 63 3D 62 7D 7A 1F AC 96 7D 83 EA 31 : .=C3=97%=C2=A8c= =3Db}z.=C2=AC=E2=80=93}=C6=92=D7=9A1 > > 0010: 9C 00 00 00 5D 65 63 64 68 2D 73 68 61 32 2D 6E : ....]ecdh-sha2-n > > 0020: 69 73 74 70 35 32 31 2C 65 63 64 68 2D 73 68 61 : istp521,ecdh-sha > > 0030: 32 2D 6E 69 73 74 70 33 38 34 2C 65 63 64 68 2D : 2-nistp384,ecdh- > > 0040: 73 68 61 32 2D 6E 69 73 74 70 32 35 36 2C 64 69 : sha2-nistp256,di > > 0050: 66 66 69 65 2D 68 65 6C 6C 6D 61 6E 2D 67 72 6F : ffie-hellman-gro > > 0060: 75 70 2D 65 78 63 68 61 6E 67 65 2D 73 68 61 32 : up-exchange-sha2 > > 0070: 35 36 00 00 00 23 73 73 68 2D 72 73 61 2C 73 73 : 56...#ssh-rsa,ss > > 0080: 68 2D 64 73 73 2C 65 63 64 73 61 2D 73 68 61 32 : h-dss,ecdsa-sha2 > > 0090: 2D 6E 69 73 74 70 35 32 31 00 00 00 20 61 65 73 : -nistp521... aes > > 00a0: 32 35 36 2D 63 74 72 2C 61 65 73 31 39 32 2D 63 : 256-ctr,aes192-c > > 00b0: 74 72 2C 61 65 73 31 32 38 2D 63 74 72 00 00 00 : tr,aes128-ctr... > > 00c0: 20 61 65 73 32 35 36 2D 63 74 72 2C 61 65 73 31 : aes256-ctr,aes1 > > 00d0: 39 32 2D 63 74 72 2C 61 65 73 31 32 38 2D 63 74 : 92-ctr,aes128-ct > > 00e0: 72 00 00 00 2A 68 6D 61 63 2D 72 69 70 65 6D 64 : r...*hmac-ripemd > > 00f0: 31 36 30 2C 68 6D 61 63 2D 73 68 61 32 2D 32 35 : 160,hmac-sha2-25 > > 0100: 36 2C 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 00 : 6,hmac-sha2-512. > > 0110: 00 00 2A 68 6D 61 63 2D 72 69 70 65 6D 64 31 36 : ..*hmac-ripemd16 > > 0120: 30 2C 68 6D 61 63 2D 73 68 61 32 2D 32 35 36 2C : 0,hmac-sha2-256, > > 0130: 68 6D 61 63 2D 73 68 61 32 2D 35 31 32 00 00 00 : hmac-sha2-512... > > 0140: 15 6E 6F 6E 65 2C 7A 6C 69 62 40 6F 70 65 6E 73 : .none,zlib@opens > > 0150: 73 68 2E 63 6F 6D 00 00 00 15 6E 6F 6E 65 2C 7A : sh.com....none,z > > 0160: 6C 69 62 40 6F 70 65 6E 73 73 68 2E 63 6F 6D 00 : lib@openssh.com. > > 0170: 00 00 00 00 00 00 00 00 00 00 00 00 : ............ > > [libssh2] 0.693750 Transport: Packet type 20 received, length=3D380 > > [libssh2] 0.693750 Transport: Looking for packet of type: 20 > > [libssh2] 0.693750 Failure Event: -5 - Unable to exchange encryption keys > > * Failure establishing ssh session > > [libssh2] 0.693750 Transport: Freeing session resource > > [libssh2] 0.693750 Transport: Extra packets left 0 > > 0 0 0 0 0 0 0 0 --:--:-- --:--:-- > --:--:-- 0 > > 0 0 0 0 0 0 0 0 --:--:-- --:--:-- > --:--:-- 0 > > * Closing connection 0 > > curl: (2) Failure establishing ssh session > > > > > Hi, Before a year, I posted this question but no one have answered it that days. Anyway, I already managed to solve it since then, so I wanted to share my insights for a case it will help someone in the future: If you would read carefully between the lines of the traffic output, you=E2= =80=99ll see that the supported ciphers of each side, are printed there. For instance, here the AES-192-CBC cipher: 00d0: 2C 61 65 73 31 39 32 2D 63 62 63 2C 61 65 73 31 : ,aes192-cbc,aes1 After reading the whole ciphers list of each side, I noticed that the server side supports only the CTR operation mode (related to symmetric encryption. i.e. aes256-ctr) while the client side doesn=E2=80=99t support = it at all, and that=E2=80=99s resulted in =E2=80=9Cnon-agreement=E2=80=9D about t= he selected cipher, or as libssh2 error message mentioned: =E2=80=9CUnable to exchange encryption = keys=E2=80=9D. Thanks, Moti --94eb2c05a84446cec10551d56a54 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Tue, Jun 28, 2016 at 12:34 PM, Moti Avrahami <<= a href=3D"mailto:moti.dp@gmail.com" target=3D"_blank">moti.dp@gmail.com= > wrote:

Hi,

=C2=A0

I failed to connect to the SFTP server =E2=80=93 SSH= -2.0-OpenSSH_6.0p1 Debian-4+deb7u4.

I am using curl.exe (7.47.1) with libssh2 (1.7.0) an= d openSSL (0.9.8) and get the error:

[libssh2] 0.506250 Failure Event: -5 - Unable to exc= hange encryption keys

* Failure establishing ssh session

=C2=A0

Do you know what can be the cause?

Maybe this doesn=E2=80=99t support the libssh2 algor= ithms?

=C2=A0

Thanks,

Moti

=C2=A0

By the way, this is the full trace:

[libssh2] 0.459375 Conn: Setting blocking mode OFF

[libssh2] 0.459375 Transport: session_startup for so= cket 156

[libssh2] 0.459375 Transport: Sending Banner: SSH-2.0-libssh2_1.7.0

[libssh2] 0.459375 Socket: Sent 23/23 bytes at 004DA= 6C0+0

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Socket: Recved 1 bytes banner

[libssh2] 0.537500 Transport: Received Banner: SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u4

[libssh2] 0.615625 Key Ex: Sent KEX: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchang= e-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

[libssh2] 0.615625 Key Ex: Sent HOSTKEY: ssh-rsa,ssh= -dss

[libssh2] 0.615625 Key Ex: Sent CRYPT_CS: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-c= bc,arcfour128,arcfour,cast128-cbc,3des-cbc

[libssh2] 0.615625 Key Ex: Sent CRYPT_SC: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,blowfish-c= bc,arcfour128,arcfour,cast128-cbc,3des-cbc

[libssh2] 0.615625 Key Ex: Sent MAC_CS: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-= md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com

[libssh2] 0.615625 Key Ex: Sent MAC_SC: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-= md5-96,hmac-ripemd160,hmac-ripemd160@openssh.com

[libssh2] 0.615625 Key Ex: Sent COMP_CS: none

[libssh2] 0.615625 Key Ex: Sent COMP_SC: none

[libssh2] 0.615625 Key Ex: Sent LANG_CS:

[libssh2] 0.615625 Key Ex: Sent LANG_SC:

=3D> libssh2_transport_write plain (663 bytes)

0000: 14 30 B0 BB FA 02 DA BC=C2=A0 09 75 DA 15 A5 2= 0 E6 B2 : .0=C2=B0=C2=BB=D7=AA<= /span>..=C2=BC=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= u..=C2=A5 =D7=96=C2=B2

0010: 80 00 00 00 7E 64 69 66=C2=A0 66 69 65 2D 68 6= 5 6C 6C : ....~diffie-hell

0020: 6D 61 6E 2D 67 72 6F 75=C2=A0 70 2D 65 78 63 6= 8 61 6E : man-group-exchan

0030: 67 65 2D 73 68 61 32 35=C2=A0 36 2C 64 69 66 6= 6 69 65 : ge-sha256,diffie

0040: 2D 68 65 6C 6C 6D 61 6E=C2=A0 2D 67 72 6F 75 7= 0 2D 65 : -hellman-group-e

0050: 78 63 68 61 6E 67 65 2D=C2=A0 73 68 61 31 2C 6= 4 69 66 : xchange-sha1,dif

0060: 66 69 65 2D 68 65 6C 6C=C2=A0 6D 61 6E 2D 67 7= 2 6F 75 : fie-hellman-grou

0070: 70 31 34 2D 73 68 61 31=C2=A0 2C 64 69 66 66 6= 9 65 2D : p14-sha1,diffie-

0080: 68 65 6C 6C 6D 61 6E 2D=C2=A0 67 72 6F 75 70 3= 1 2D 73 : hellman-group1-s

0090: 68 61 31 00 00 00 0F 73=C2=A0 73 68 2D 72 73 6= 1 2C 73 : ha1....ssh-rsa,s

00a0: 73 68 2D 64 73 73 00 00=C2=A0 00 71 61 65 73 3= 2 35 36 : sh-dss...qaes256

00b0: 2D 63 62 63 2C 72 69 6A=C2=A0 6E 64 61 65 6C 2= D 63 62 : -cbc,rijndael-cb

00c0: 63 40 6C 79 73 61 74 6F=C2=A0 72 2E 6C 69 75 2= E 73 65 : c@lysator.l= iu.se

00d0: 2C 61 65 73 31 39 32 2D=C2=A0 63 62 63 2C 61 6= 5 73 31 : ,aes192-cbc,aes1

00e0: 32 38 2D 63 62 63 2C 62=C2=A0 6C 6F 77 66 69 7= 3 68 2D : 28-cbc,blowfish-

00f0: 63 62 63 2C 61 72 63 66=C2=A0 6F 75 72 31 32 3= 8 2C 61 : cbc,arcfour128,a

0100: 72 63 66 6F 75 72 2C 63=C2=A0 61 73 74 31 32 3= 8 2D 63 : rcfour,cast128-c

0110: 62 63 2C 33 64 65 73 2D=C2=A0 63 62 63 00 00 0= 0 71 61 : bc,3des-cbc...qa

0120: 65 73 32 35 36 2D 63 62=C2=A0 63 2C 72 69 6A 6= E 64 61 : es256-cbc,rijnda

0130: 65 6C 2D 63 62 63 40 6C=C2=A0 79 73 61 74 6F 7= 2 2E 6C : el-cbc@lysator.l

0140: 69 75 2E 73 65 2C 61 65=C2=A0 73 31 39 32 2D 6= 3 62 63 : iu.se,aes192-cbc

0150: 2C 61 65 73 31 32 38 2D=C2=A0 63 62 63 2C 62 6= C 6F 77 : ,aes128-cbc,blow

0160: 66 69 73 68 2D 63 62 63=C2=A0 2C 61 72 63 66 6= F 75 72 : fish-cbc,arcfour

0170: 31 32 38 2C 61 72 63 66=C2=A0 6F 75 72 2C 63 6= 1 73 74 : 128,arcfour,cast

0180: 31 32 38 2D 63 62 63 2C=C2=A0 33 64 65 73 2D 6= 3 62 63 : 128-cbc,3des-cbc

0190: 00 00 00 71 68 6D 61 63=C2=A0 2D 73 68 61 32 2= D 32 35 : ...qhmac-sha2-25

01a0: 36 2C 68 6D 61 63 2D 73=C2=A0 68 61 32 2D 35 3= 1 32 2C : 6,hmac-sha2-512,

01b0: 68 6D 61 63 2D 73 68 61=C2=A0 31 2C 68 6D 61 6= 3 2D 73 : hmac-sha1,hmac-s

01c0: 68 61 31 2D 39 36 2C 68=C2=A0 6D 61 63 2D 6D 6= 4 35 2C : ha1-96,hmac-md5,

01d0: 68 6D 61 63 2D 6D 64 35=C2=A0 2D 39 36 2C 68 6= D 61 63 : hmac-md5-96,hmac

01e0: 2D 72 69 70 65 6D 64 31=C2=A0 36 30 2C 68 6D 6= 1 63 2D : -ripemd160,hmac-

01f0: 72 69 70 65 6D 64 31 36=C2=A0 30 40 6F 70 65 6= E 73 73 : ripemd160@openss

0200: 68 2E 63 6F 6D 00 00 00=C2=A0 71 68 6D 61 63 2= D 73 68 : h.com...qhmac-sh

0210: 61 32 2D 32 35 36 2C 68=C2=A0 6D 61 63 2D 73 6= 8 61 32 : a2-256,hmac-sha2

0220: 2D 35 31 32 2C 68 6D 61=C2=A0 63 2D 73 68 61 3= 1 2C 68 : -512,hmac-sha1,h

0230: 6D 61 63 2D 73 68 61 31=C2=A0 2D 39 36 2C 68 6= D 61 63 : mac-sha1-96,hmac

0240: 2D 6D 64 35 2C 68 6D 61=C2=A0 63 2D 6D 64 35 2= D 39 36 : -md5,hmac-md5-96

0250: 2C 68 6D 61 63 2D 72 69=C2=A0 70 65 6D 64 31 3= 6 30 2C : ,hmac-ripemd160,

0260: 68 6D 61 63 2D 72 69 70=C2=A0 65 6D 64 31 36 3= 0 40 6F : hmac-ripemd160@o

0270: 70 65 6E 73 73 68 2E 63=C2=A0 6F 6D 00 00 00 0= 4 6E 6F : penssh.com....no

0280: 6E 65 00 00 00 04 6E 6F=C2=A0 6E 65 00 00 00 0= 0 00 00 : ne....none......

0290: 00 00 00 00 00 00 00=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 : ...= ....

[libssh2] 0.615625 Socket: Sent 832/832 bytes at 021= D393C

=3D> libssh2_transport_write send() (832 bytes)

0000: 00 00 03 3C A4 14 30 B0=C2=A0 BB FA 02 DA BC 0= 9 75 DA : ...<..0=C2=B0=C2=BB=D7=AA..=C2=BC= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 u.

0010: 15 A5 20 E6 B2 80 00 00=C2=A0 00 7E 64 69 66 6= 6 69 65 : .=C2=A5 =D7=96=C2=B2<= /span>....~diffie

0020: 2D 68 65 6C 6C 6D 61 6E=C2=A0 2D 67 72 6F 75 7= 0 2D 65 : -hellman-group-e

0030: 78 63 68 61 6E 67 65 2D=C2=A0 73 68 61 32 35 3= 6 2C 64 : xchange-sha256,d

0040: 69 66 66 69 65 2D 68 65=C2=A0 6C 6C 6D 61 6E 2= D 67 72 : iffie-hellman-gr

0050: 6F 75 70 2D 65 78 63 68=C2=A0 61 6E 67 65 2D 7= 3 68 61 : oup-exchange-sha

0060: 31 2C 64 69 66 66 69 65=C2=A0 2D 68 65 6C 6C 6= D 61 6E : 1,diffie-hellman

0070: 2D 67 72 6F 75 70 31 34=C2=A0 2D 73 68 61 31 2= C 64 69 : -group14-sha1,di

0080: 66 66 69 65 2D 68 65 6C=C2=A0 6C 6D 61 6E 2D 6= 7 72 6F : ffie-hellman-gro

0090: 75 70 31 2D 73 68 61 31=C2=A0 00 00 00 0F 73 7= 3 68 2D : up1-sha1....ssh-

00a0: 72 73 61 2C 73 73 68 2D=C2=A0 64 73 73 00 00 0= 0 71 61 : rsa,ssh-dss...qa

00b0: 65 73 32 35 36 2D 63 62=C2=A0 63 2C 72 69 6A 6= E 64 61 : es256-cbc,rijnda

00c0: 65 6C 2D 63 62 63 40 6C=C2=A0 79 73 61 74 6F 7= 2 2E 6C : el-cbc@lysator.l

00d0: 69 75 2E 73 65 2C 61 65=C2=A0 73 31 39 32 2D 6= 3 62 63 : iu.se,aes192-cbc

00e0: 2C 61 65 73 31 32 38 2D=C2=A0 63 62 63 2C 62 6= C 6F 77 : ,aes128-cbc,blow

00f0: 66 69 73 68 2D 63 62 63=C2=A0 2C 61 72 63 66 6= F 75 72 : fish-cbc,arcfour

0100: 31 32 38 2C 61 72 63 66=C2=A0 6F 75 72 2C 63 6= 1 73 74 : 128,arcfour,cast

0110: 31 32 38 2D 63 62 63 2C=C2=A0 33 64 65 73 2D 6= 3 62 63 : 128-cbc,3des-cbc

0120: 00 00 00 71 61 65 73 32=C2=A0 35 36 2D 63 62 6= 3 2C 72 : ...qaes256-cbc,r

0130: 69 6A 6E 64 61 65 6C 2D=C2=A0 63 62 63 40 6C 7= 9 73 61 : ijndael-cbc@lysa

0140: 74 6F 72 2E 6C 69 75 2E=C2=A0 73 65 2C 61 65 7= 3 31 39 : tor.liu.se,ae= s19

0150: 32 2D 63 62 63 2C 61 65=C2=A0 73 31 32 38 2D 6= 3 62 63 : 2-cbc,aes128-cbc

0160: 2C 62 6C 6F 77 66 69 73=C2=A0 68 2D 63 62 63 2= C 61 72 : ,blowfish-cbc,ar

0170: 63 66 6F 75 72 31 32 38=C2=A0 2C 61 72 63 66 6= F 75 72 : cfour128,arcfour

0180: 2C 63 61 73 74 31 32 38=C2=A0 2D 63 62 63 2C 3= 3 64 65 : ,cast128-cbc,3de

0190: 73 2D 63 62 63 00 00 00=C2=A0 71 68 6D 61 63 2= D 73 68 : s-cbc...qhmac-sh

01a0: 61 32 2D 32 35 36 2C 68=C2=A0 6D 61 63 2D 73 6= 8 61 32 : a2-256,hmac-sha2

01b0: 2D 35 31 32 2C 68 6D 61=C2=A0 63 2D 73 68 61 3= 1 2C 68 : -512,hmac-sha1,h

01c0: 6D 61 63 2D 73 68 61 31=C2=A0 2D 39 36 2C 68 6= D 61 63 : mac-sha1-96,hmac

01d0: 2D 6D 64 35 2C 68 6D 61=C2=A0 63 2D 6D 64 35 2= D 39 36 : -md5,hmac-md5-96

01e0: 2C 68 6D 61 63 2D 72 69=C2=A0 70 65 6D 64 31 3= 6 30 2C : ,hmac-ripemd160,

01f0: 68 6D 61 63 2D 72 69 70=C2=A0 65 6D 64 31 36 3= 0 40 6F : hmac-ripemd160@o

0200: 70 65 6E 73 73 68 2E 63=C2=A0 6F 6D 00 00 00 7= 1 68 6D : penssh.com...qhm

0210: 61 63 2D 73 68 61 32 2D=C2=A0 32 35 36 2C 68 6= D 61 63 : ac-sha2-256,hmac

0220: 2D 73 68 61 32 2D 35 31=C2=A0 32 2C 68 6D 61 6= 3 2D 73 : -sha2-512,hmac-s

0230: 68 61 31 2C 68 6D 61 63=C2=A0 2D 73 68 61 31 2= D 39 36 : ha1,hmac-sha1-96

0240: 2C 68 6D 61 63 2D 6D 64=C2=A0 35 2C 68 6D 61 6= 3 2D 6D : ,hmac-md5,hmac-m

0250: 64 35 2D 39 36 2C 68 6D=C2=A0 61 63 2D 72 69 7= 0 65 6D : d5-96,hmac-ripem

0260: 64 31 36 30 2C 68 6D 61=C2=A0 63 2D 72 69 70 6= 5 6D 64 : d160,hmac-ripemd

0270: 31 36 30 40 6F 70 65 6E=C2=A0 73 73 68 2E 63 6= F 6D 00 : 160@openssh.= com.

0280: 00 00 04 6E 6F 6E 65 00=C2=A0 00 00 04 6E 6F 6= E 65 00 : ...none....none.

0290: 00 00 00 00 00 00 00 00=C2=A0 00 00 00 00 44 E= C 14 45 : ............D=D7=9C.E

02a0: D8 CB 8F 55 8E AA 05 C1=C2=A0 1B 5E F1 C6 CF 8= 3 68 52 : =D7=B4..U.=C3= =97...^=D7=A1..=C6=92hR

02b0: 3A 38 3A FE 39 4E C1 98=C2=A0 A2 BA 7F D0 B4 C= 4 A9 7C : :8:.9N..=C2=A2=C3=B7.=D7=80=C2=B4.=C2= =A9|

02c0: 24 8F 3F 73 40 4D DB 09=C2=A0 D0 C5 6E F4 9B 7= E 51 7D : $.?s@M. =D7=80= .n=D7=A4=E2=80=BA~Q}

02d0: 26 67 F7 C3 F3 00 3B 4E=C2=A0 AE 5D 50 28 4E D= 4 A6 6A : &g=D7=A7.=D7=A3.;N=C2=AE]P(N=D7=B0= = =C2=A6j

02e0: 26 13 3C AF C1 22 17 53=C2=A0 57 05 7E 2E B2 3= 7 79 97 : &.<=C2=AF.".SW.~.=C2=B27y=E2=80=94

02f0: 19 AA C8 F5 C1 92 70 63=C2=A0 64 F5 F2 F8 D5 8= 8 18 F8 : .=C3=97.=D7=A5= .=E2=80=99pcd=D7=A5=D7=A2=D7= =A8=D7=B1..=D7=A8

0300: 86 3C 7C 58 D4 8D 2C 1E=C2=A0 44 EF CC B7 58 6= 8 B4 DE : =E2=80=A0<|X=D7=B0= .,.D=D7=9F.=C2=B7Xh=C2=B4.

0310: 44 21 D9 9C D0 8D AE 9C=C2=A0 EA DB 4D 1C 6A F= 2 FD 46 : D!..=D7=80.=C2=AE.=D7=9A.M.j=D7=A2.F

0320: 7F A3 1B 45 23 FA 32 CA=C2=A0 7E D3 A6 B8 B4 C= C CB 1B : .=C2=A3.E#=D7=AA2.~=D7=83=C2=A6=C2=B8= =C2=B4...

0330: CD 6E 01 D1 3B 6D 65 B8=C2=A0 BE 69 12 D4 38 E= 7 08 8E : .n..;me=C2=B8=C2=BEi.=D7=B08=D7=97..

[libssh2] 0.615625 Transport: Looking for packet of = type: 20

=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0 =C2=A0=C2=A0=C2=A0=C2=A00 --:--:-- --:--:-- --:--:--=C2=A0=C2=A0=C2=A0=C2=A0 0[libssh2] 0.693750 Socket: Recved 392/16384 bytes to 021CF914+0

=3D> libssh2_transport_read() raw (392 bytes)

0000: 00 00 01 84 07 14 AA 25=C2=A0 A8 63 3D 62 7D 7= A 1F AC : ...=E2=80=9E..=C3=97%=C2=A8c=3Db}z.=C2=AC

0010: 96 7D 83 EA 31 9C 00 00=C2=A0 00 5D 65 63 64 6= 8 2D 73 : =E2=80=93}=C6=92=D7=9A1....]ecdh-s

0020: 68 61 32 2D 6E 69 73 74=C2=A0 70 35 32 31 2C 6= 5 63 64 : ha2-nistp521,ecd

0030: 68 2D 73 68 61 32 2D 6E=C2=A0 69 73 74 70 33 3= 8 34 2C : h-sha2-nistp384,

0040: 65 63 64 68 2D 73 68 61=C2=A0 32 2D 6E 69 73 7= 4 70 32 : ecdh-sha2-nistp2

0050: 35 36 2C 64 69 66 66 69=C2=A0 65 2D 68 65 6C 6= C 6D 61 : 56,diffie-hellma

0060: 6E 2D 67 72 6F 75 70 2D=C2=A0 65 78 63 68 61 6= E 67 65 : n-group-exchange

0070: 2D 73 68 61 32 35 36 00=C2=A0 00 00 23 73 73 6= 8 2D 72 : -sha256...#ssh-r

0080: 73 61 2C 73 73 68 2D 64=C2=A0 73 73 2C 65 63 6= 4 73 61 : sa,ssh-dss,ecdsa

0090: 2D 73 68 61 32 2D 6E 69=C2=A0 73 74 70 35 32 3= 1 00 00 : -sha2-nistp521..

00a0: 00 20 61 65 73 32 35 36=C2=A0 2D 63 74 72 2C 6= 1 65 73 : . aes256-ctr,aes

00b0: 31 39 32 2D 63 74 72 2C=C2=A0 61 65 73 31 32 3= 8 2D 63 : 192-ctr,aes128-c

00c0: 74 72 00 00 00 20 61 65=C2=A0 73 32 35 36 2D 6= 3 74 72 : tr... aes256-ctr

00d0: 2C 61 65 73 31 39 32 2D=C2=A0 63 74 72 2C 61 6= 5 73 31 : ,aes192-ctr,aes1

00e0: 32 38 2D 63 74 72 00 00=C2=A0 00 2A 68 6D 61 6= 3 2D 72 : 28-ctr...*hmac-r

00f0: 69 70 65 6D 64 31 36 30=C2=A0 2C 68 6D 61 63 2= D 73 68 : ipemd160,hmac-sh

0100: 61 32 2D 32 35 36 2C 68=C2=A0 6D 61 63 2D 73 6= 8 61 32 : a2-256,hmac-sha2

0110: 2D 35 31 32 00 00 00 2A=C2=A0 68 6D 61 63 2D 7= 2 69 70 : -512...*hmac-rip

0120: 65 6D 64 31 36 30 2C 68=C2=A0 6D 61 63 2D 73 6= 8 61 32 : emd160,hmac-sha2

0130: 2D 32 35 36 2C 68 6D 61=C2=A0 63 2D 73 68 61 3= 2 2D 35 : -256,hmac-sha2-5

0140: 31 32 00 00 00 15 6E 6F=C2=A0 6E 65 2C 7A 6C 6= 9 62 40 : 12....none,zlib@

0150: 6F 70 65 6E 73 73 68 2E=C2=A0 63 6F 6D 00 00 0= 0 15 6E : openssh.com....n

0160: 6F 6E 65 2C 7A 6C 69 62=C2=A0 40 6F 70 65 6E 7= 3 73 68 : one,zlib@openssh

0170: 2E 63 6F 6D 00 00 00 00=C2=A0 00 00 00 00 00 0= 0 00 00 : .com............

0180: 00 00 00 00 00 00 00 00=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 : ........

=3D> libssh2_transport_read() plain (380 bytes)

0000: 14 AA 25 A8 63 3D 62 7D=C2=A0 7A 1F AC 96 7D 8= 3 EA 31 : .=C3=97%=C2=A8c=3Db}z.=C2=AC=E2=80=93}=C6=92=D7=9A1

0010: 9C 00 00 00 5D 65 63 64=C2=A0 68 2D 73 68 61 3= 2 2D 6E : ....]ecdh-sha2-n

0020: 69 73 74 70 35 32 31 2C=C2=A0 65 63 64 68 2D 7= 3 68 61 : istp521,ecdh-sha

0030: 32 2D 6E 69 73 74 70 33=C2=A0 38 34 2C 65 63 6= 4 68 2D : 2-nistp384,ecdh-

0040: 73 68 61 32 2D 6E 69 73=C2=A0 74 70 32 35 36 2= C 64 69 : sha2-nistp256,di

0050: 66 66 69 65 2D 68 65 6C=C2=A0 6C 6D 61 6E 2D 6= 7 72 6F : ffie-hellman-gro

0060: 75 70 2D 65 78 63 68 61=C2=A0 6E 67 65 2D 73 6= 8 61 32 : up-exchange-sha2

0070: 35 36 00 00 00 23 73 73=C2=A0 68 2D 72 73 61 2= C 73 73 : 56...#ssh-rsa,ss

0080: 68 2D 64 73 73 2C 65 63=C2=A0 64 73 61 2D 73 6= 8 61 32 : h-dss,ecdsa-sha2

0090: 2D 6E 69 73 74 70 35 32=C2=A0 31 00 00 00 20 6= 1 65 73 : -nistp521... aes

00a0: 32 35 36 2D 63 74 72 2C=C2=A0 61 65 73 31 39 3= 2 2D 63 : 256-ctr,aes192-c

00b0: 74 72 2C 61 65 73 31 32=C2=A0 38 2D 63 74 72 0= 0 00 00 : tr,aes128-ctr...

00c0: 20 61 65 73 32 35 36 2D=C2=A0 63 74 72 2C 61 6= 5 73 31 :=C2=A0 aes256-ctr,aes1

00d0: 39 32 2D 63 74 72 2C 61=C2=A0 65 73 31 32 38 2= D 63 74 : 92-ctr,aes128-ct

00e0: 72 00 00 00 2A 68 6D 61=C2=A0 63 2D 72 69 70 6= 5 6D 64 : r...*hmac-ripemd

00f0: 31 36 30 2C 68 6D 61 63=C2=A0 2D 73 68 61 32 2= D 32 35 : 160,hmac-sha2-25

0100: 36 2C 68 6D 61 63 2D 73=C2=A0 68 61 32 2D 35 3= 1 32 00 : 6,hmac-sha2-512.

0110: 00 00 2A 68 6D 61 63 2D=C2=A0 72 69 70 65 6D 6= 4 31 36 : ..*hmac-ripemd16

0120: 30 2C 68 6D 61 63 2D 73=C2=A0 68 61 32 2D 32 3= 5 36 2C : 0,hmac-sha2-256,

0130: 68 6D 61 63 2D 73 68 61=C2=A0 32 2D 35 31 32 0= 0 00 00 : hmac-sha2-512...

0140: 15 6E 6F 6E 65 2C 7A 6C=C2=A0 69 62 40 6F 70 6= 5 6E 73 : .none,zlib@opens

0150: 73 68 2E 63 6F 6D 00 00=C2=A0 00 15 6E 6F 6E 6= 5 2C 7A : sh.com....none,z

0160: 6C 69 62 40 6F 70 65 6E=C2=A0 73 73 68 2E 63 6= F 6D 00 : lib@openssh.= com.

0170: 00 00 00 00 00 00 00 00=C2=A0 00 00 00 00=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 : ...= .........

[libssh2] 0.693750 Transport: Packet type 20 receive= d, length=3D380

[libssh2] 0.693750 Transport: Looking for packet of = type: 20

[libssh2] 0.693750 Failure Event: -5 - Unable to exc= hange encryption keys

* Failure establishing ssh session

[libssh2] 0.693750 Transport: Freeing session resour= ce

[libssh2] 0.693750 Transport: Extra packets left 0

=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 0 --:--:-- = --:--:-- --:--:--=C2=A0=C2=A0=C2=A0=C2=A0 0

=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 0 --:--:-- = --:--:-- --:--:--=C2=A0=C2=A0=C2=A0=C2=A0 0

* Closing connection 0

curl: (2) Failure establishing ssh session

=C2=A0




Hi,

Before a year, I posted this question but no one have answered it that days. Anyway, I already managed to solve it since then, so I wanted to share my insights fo= r a case it will help someone in the future:

=C2=A0

If you would read carefully between the lines of the = traffic output, you=E2=80=99ll see that the supported ciphers of each side, are pri= nted there. For instance, here the AES-192-CBC cipher:

00d0: 2C 61 65 73 31 39 32 2D=C2=A0 63 62 63 2C 6= 1 65 73 31 : ,aes192-cbc,aes1

After reading the whole ciphers list of each side, I = noticed that the server side supports only the CTR operation mode (related to symme= tric encryption. i.e. aes256-ctr) while the client side doesn=E2=80=99t support = it at all, and that=E2=80=99s resulted in =E2=80=9Cnon-agreement=E2=80=9D about the se= lected cipher, or as libssh2 error message mentioned: =E2=80=9CUnable to exchange encryption keys=E2=80= =9D.

=C2=A0
<= /p>

Thanks,

Moti

=C2=A0

--94eb2c05a84446cec10551d56a54-- --===============2066518902== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KbGlic3NoMi1k ZXZlbCBodHRwczovL2Nvb2wuaGF4eC5zZS9jZ2ktYmluL21haWxtYW4vbGlzdGluZm8vbGlic3No Mi1kZXZlbAo= --===============2066518902==-- From libssh2-devel-bounces@cool.haxx.se Mon Jun 26 11:28:26 2017 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTP id v5Q9Rrrb021419; Mon, 26 Jun 2017 11:28:21 +0200 Received: from mailout10.t-online.de (mailout10.t-online.de [194.25.134.21]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTPS id v5Q9RpUS021414 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 26 Jun 2017 11:27:52 +0200 Received: from fwd26.aul.t-online.de (fwd26.aul.t-online.de [172.20.26.131]) by mailout10.t-online.de (Postfix) with SMTP id EAFCA41C537D for ; Mon, 26 Jun 2017 11:27:51 +0200 (CEST) Received: from HTLT201 (GWxjHoZYrtPmv+td1JnrRtmqfim46Fh2lLDCt-AnNH7+T7ktAPSvpfWdVWdiKvxyyrA9uwBIQm@[80.147.8.189]) by fwd26.t-online.de with (TLSv1:ECDHE-RSA-AES256-SHA encrypted) esmtp id 1dPQJD-1qaicS0; Mon, 26 Jun 2017 11:27:51 +0200 From: "Nils Hendorf" To: Subject: Elliptic Curve DSA Date: Mon, 26 Jun 2017 11:27:50 +0200 Organization: Hesotech software + systeme GmbH Message-ID: <005201d2ee5e$7b58cf40$720a6dc0$@hesotech.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 14.0 Thread-Index: AdLuXh27YjLCo0zMQkeO/BD8nq79HQ== Content-Language: de X-ID: GWxjHoZYrtPmv+td1JnrRtmqfim46Fh2lLDCt-AnNH7+T7ktAPSvpfWdVWdiKvxyyrA9uwBIQm X-TOI-MSGID: 54fa889f-6e8a-49ca-b135-fe77581394ad X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.22 Precedence: list List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: libssh2 development Content-Type: multipart/mixed; boundary="===============0210261917==" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" This is a multipart message in MIME format. --===============0210261917== Content-Language: de Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_NextPart_000_004B_01D2EE6F.3E7262B0" This is a multipart message in MIME format. ------=_NextPart_000_004B_01D2EE6F.3E7262B0 Content-Type: multipart/alternative; boundary="----=_NextPart_001_004C_01D2EE6F.3E7262B0" ------=_NextPart_001_004C_01D2EE6F.3E7262B0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello, can I use libssh2 for SFTP-download from SFTP-Server which uses ecdsa-sha2-nistp521 for Server Authentication? =20 Mit freundlichen Gr=FC=DFen / Kind regards =20 Nils Hendorf =20 Hesotech software+systeme GmbH Grabenstr. 2-4 =20 56130 Bad Ems =20 T +49 2603 / 93643 12 F +49 2603 / 93643 29 @ nils.hendorf@hesotech.com =20 Gesch=E4ftsf=FChrer : Dipl.-Ing. Arno Hendorf, BEng. Nils Hendorf Gesch=E4ftssitz : Bad Ems Amtsgericht Koblenz HRB 20965 =20 Besuchen Sie uns auf unserer Website www.hesotech.com =20 ------=_NextPart_001_004C_01D2EE6F.3E7262B0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Hello,

can I use libssh2 for SFTP-download from SFTP-Server which = uses ecdsa-sha2-nistp521 for Server = Authentication?

 

Mit freundlichen Gr=FC=DFen / Kind = regards

 

Nils = Hendorf

 

Hesotech = software+systeme GmbH

Grabenstr. 2-4

 

56130 Bad Ems

 

T = +49 2603 / 93643 12

F +49 2603 / 93643 = 29

@ nils.hendorf@hesotech.com

 

Gesch=E4ftsf=FChrer : Dipl.-Ing. Arno = Hendorf, BEng. Nils Hendorf

Gesch=E4ftssitz : Bad = Ems

Amtsgericht Koblenz HRB = 20965

 

Besuchen Sie = uns auf unserer Website www.hesotech.com

 

------=_NextPart_001_004C_01D2EE6F.3E7262B0-- ------=_NextPart_000_004B_01D2EE6F.3E7262B0 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIM6TCCA18w ggJHoAMCAQICCwQAAAAAASFYUwiiMA0GCSqGSIb3DQEBCwUAMEwxIDAeBgNVBAsTF0dsb2JhbFNp Z24gUm9vdCBDQSAtIFIzMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu MB4XDTA5MDMxODEwMDAwMFoXDTI5MDMxODEwMDAwMFowTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBS b290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMJXaQeQZ4Ihb1wIO2hMoonv0FdhHFrYhy/EYC Q8eyip0EXyTLLkvhYIJG4VKrDIFHcGzdZNHr9SyjD4I9DCuul9e2FIYQebs7E4B3jAjhSdJqYi8f XvqWaN+JJ5U4nwbXPsnLJlkNc96wyOkmDoMVxu9bi9IEYMpJpij2aTv2y8gokeWdimFXN6x0FNx0 4Druci8unPvQu7/1PQDhBjPogiuuU6Y6FnOM3UEOIDrAtKeh6bJPkC4yYOlXy7kEkmho5TgmYHWy n3f/kRTvriBJ/K1AFUjRAjFhGV64l++td7dkmnq/X8ET75ti+w1s4FRpFqkD2m7pg5NxdsZphYIX AgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSP8Et/ qC5FJK5NUPpjmove4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEAS0DbwFCq/sgM7/eWVEVJu5YACUGs sxOGhigHM8pr5nS5ugAtrqQK0/Xx8Q+Kv3NnSoPHRHt44K9ubG8DKY4zOUXDjuS5V2yq/BKW7FPG LeQkbLmUY/vcU2hnVj6DuM81IcPJaP7O2sJTqsyQiunwXUaMld16WCgaLx3ezQA3QY/tRG3XUyiX fvNnBB4V14qWtNPeTCekTBtzc3b0F5nCH3oO4y0IrQocLP88q1UOD5F+NuvDV0m+4S4tfGCLw0FR EyOdzvcya5QBqJnnLDMfOjsl0oZAzjsshnjJYS8Uuu7bVW/fhO4FCU29KNhyztNiUGUe65KXgzHZ s7XKR1g/XzCCBFkwggNBoAMCAQICCwQAAAAAATGJxjMGMA0GCSqGSIb3DQEBCwUAMEwxIDAeBgNV BAsTF0dsb2JhbFNpZ24gUm9vdCBDQSAtIFIzMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD EwpHbG9iYWxTaWduMB4XDTExMDgwMjEwMDAwMFoXDTE5MDgwMjEwMDAwMFowXTELMAkGA1UEBhMC QkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExMzAxBgNVBAMTKkdsb2JhbFNpZ24gUGVyc29u YWxTaWduIDIgQ0EgLSBTSEEyNTYgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB AKYBOgY+TD0lJ71l7FcN0/Nzj61Z4eB/NxJMsSxhevgtUUcwxyWYkoHDl+FoQMXe8JSYraOIN7Up ZvvDa9fVVpouxlnk1upfRTHJRpU636SlHTEE5ZnXTYWQ3pTL51oEoPL4fL4OIHHO8Xe0H7X/9nw+ N8tNxCCiGKRBMCcHHXuJLeW3pFUISGaVwfc2mye8mjIw+bjIJ6gtjK66WaUW6fWY323qkkS8W9uz dCXKVpGPkZUhsmqWfGlg2msfbx3O8to8LaCk0RqlVvV+g7ZrY7xBwdWGfZKCRd5R1kt2QBYOBtZf RBV7dfPMsjI4XcQUuKyTYpccj7VTvLdaf+B+TZkCAwEAAaOCASkwggElMA4GA1UdDwEB/wQEAwIB BjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQ/bFdEnlefff1oOcu58RrkuXZQODBHBgNV HSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20v cmVwb3NpdG9yeS8wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9y b290LXIzLmNybDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5nbG9i YWxzaWduLmNvbS9yb290cjMwHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwDQYJKoZI hvcNAQELBQADggEBAGUF26aHSpzgt7hjcu8xUQsY2pcbwzMAS6Eyx+m80XfposXHisFP0qnPEnnb F+GH3/cw2DOFLIXkPBXOeFRSx25VtdtVJPZGQcNeu2Mb2zcDBR950sXb8A/5fd9ZXzGKTf751bAF n4OX1BAYZlcSSILRMiiHpVMQ7rhfC7NChIQoRL7su+oxiIOMHhYkCheGGhnf5kmPDY8f3INUjPlf tUpkQ6eBV/yZ0BKp6w04eK2ha3dSd/GS/f+yoVi2zQGmw4qh8rd9ijsJgjr5qOCK84jRS8Vp7JfK F+RvDk38dzsXdBHuvie5mMmw9DgtzAZ2z93EovkFeQYnWMi6th+PtG0wggUlMIIEDaADAgECAhEA 2O44+rO7W3RMNf9HiXbGETANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQ R2xvYmFsU2lnbiBudi1zYTEzMDEGA1UEAxMqR2xvYmFsU2lnbiBQZXJzb25hbFNpZ24gMiBDQSAt IFNIQTI1NiAtIEcyMB4XDTE1MTEwOTA4Mzc1MloXDTE4MTEwOTA4Mzc1MlowgaMxCzAJBgNVBAYT AkRFMRgwFgYDVQQIEw9SaGVpbmxhbmQtUGZhbHoxEDAOBgNVBAcTB0JhZCBFbXMxJzAlBgNVBAoT Hkhlc290ZWNoIHNvZnR3YXJlK3N5c3RlbWUgR21iSDEVMBMGA1UEAxMMTmlscyBIZW5kb3JmMSgw JgYJKoZIhvcNAQkBFhlOaWxzLkhlbmRvcmZASGVzb3RlY2guY29tMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEArB0FOAv6LZlAuqqZQCZrYyOjogrqIS01/i8bfYSMfE8P+ESmBwduXIM/ B9AdiMMRmxWupSCxEZohCy7FOeAnmlzHeq4srRubJkPhltLhoKdClB4zUklbCcf/xwjR5PRH1R5U hwYL9i3wFV1XY5hal9jQAtwA69YsqsJ+KLnAaMN8QNRzWdnokr3MHFY7boDXPytQHmvGKfjMWZbR S6rQAWV1ewzP21DpdjgJ6l0orw3Mzx/zNcFQmV8P1DZY/MHSmbj/SMkUqELPB1Rcsz9q+LSmHJ3P jQeZFCXHU4nGxuUsVbU/1VWS/einmWBCrKEeRa4wxaOhdrpie+N7mGl1ywIDAQABo4IBlzCCAZMw DgYDVR0PAQH/BAQDAgWgME0GA1UdIARGMEQwQgYKKwYBBAGgMgEoCjA0MDIGCCsGAQUFBwIBFiZo dHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAkBgNVHREEHTAbgRlOaWxzLkhl bmRvcmZASGVzb3RlY2guY29tMAkGA1UdEwQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF BwMEMEcGA1UdHwRAMD4wPKA6oDiGNmh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvZ3NwZXJz b25hbHNpZ24yc2hhMmcyLmNybDBZBggrBgEFBQcBAQRNMEswSQYIKwYBBQUHMAKGPWh0dHA6Ly9z ZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzcGVyc29uYWxzaWduMnNoYTJnMi5jcnQwHQYD VR0OBBYEFKkF6kgNGyglWl/k/Qly64TYo8/AMB8GA1UdIwQYMBaAFD9sV0SeV599/Wg5y7nxGuS5 dlA4MA0GCSqGSIb3DQEBCwUAA4IBAQASdmuUoUFZq0QYfRu+chXM385ETcgNc0V6TiQJxATxbth2 b8xa2AZsE8Eqcgdo7vt73dKNRoRUUX2EQ+d9PLNAYPuUc36w+dasIKNHtoVPpF/KUunH7KDSx9JL qJv/WMNvju8DRNm+v5f90MItMzSXHETnZiay8tDh4fpG4l6WKg+G3PkxavKQf+3CjBj6Gui7BMtE jPkj5iZraKht2DafWq7Q4CwS6fVdHaZy62Va+XYOAU++WFMjLI0k449/p6LEDlCn/3TDKGv8vrRl 2k5U1BSR1vNoUUWaYJF5V93BHLWCqtVYwyFE2BVlhlOVefaDtF6rRFNsiRqNLXcep1hIMYIDsjCC A64CAQEwcjBdMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEzMDEGA1UE AxMqR2xvYmFsU2lnbiBQZXJzb25hbFNpZ24gMiBDQSAtIFNIQTI1NiAtIEcyAhEA2O44+rO7W3RM Nf9HiXbGETAJBgUrDgMCGgUAoIICFTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3 DQEJBTEPFw0xNzA2MjYwOTI3NTBaMCMGCSqGSIb3DQEJBDEWBBQDavcEC5WW/8atlEddA4JJwMok /jCBgQYJKwYBBAGCNxAEMXQwcjBdMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu di1zYTEzMDEGA1UEAxMqR2xvYmFsU2lnbiBQZXJzb25hbFNpZ24gMiBDQSAtIFNIQTI1NiAtIEcy AhEA2O44+rO7W3RMNf9HiXbGETCBgwYLKoZIhvcNAQkQAgsxdKByMF0xCzAJBgNVBAYTAkJFMRkw FwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTMwMQYDVQQDEypHbG9iYWxTaWduIFBlcnNvbmFsU2ln biAyIENBIC0gU0hBMjU2IC0gRzICEQDY7jj6s7tbdEw1/0eJdsYRMIGrBgkqhkiG9w0BCQ8xgZ0w gZowCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBFjAKBggqhkiG9w0DBzALBglghkgBZQMEAQIwDgYI KoZIhvcNAwICAgCAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgFAMA0GCCqGSIb3DQMCAgEoMAcGBSsO AwIaMAsGCWCGSAFlAwQCAzALBglghkgBZQMEAgIwCwYJYIZIAWUDBAIBMA0GCSqGSIb3DQEBAQUA BIIBAAefCG5xVLOSs9Y1F5uA3aOmayZXrI2v9XvMmFEr4x+rA1KiZ7F6SeljkExbs5e2mcRR8WGP uYonpa432an+IeyhhmJSUUIqsMm8Tn9iYeV2sIqr+TW/2cd5kN/hcQg+Pv8kRT4vvPJzzMQNr2EC FvCKghy1K7Cvh0cu5gF9ovvCYAkPGd4cUsMsOcdsRb2IIops9JjsCAd3IerUk5Csjed1N/dJrICt nBdYmXVrvu3cI3U/RBPIH/qxMUwI6eR/cYavcgBXr2vziqxRb2ja60VckQjzBeCgTqQwUoqD2gxB Nbv794jh/SePwUzbxeC9C/ahD85heSsh2Z7tnKVZDUcAAAAAAAA= ------=_NextPart_000_004B_01D2EE6F.3E7262B0-- --===============0210261917== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KbGlic3NoMi1k ZXZlbCBodHRwczovL2Nvb2wuaGF4eC5zZS9jZ2ktYmluL21haWxtYW4vbGlzdGluZm8vbGlic3No Mi1kZXZlbAo= --===============0210261917==-- From libssh2-devel-bounces@cool.haxx.se Mon Jun 26 20:03:25 2017 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTP id v5QI2pT7031343; Mon, 26 Jun 2017 20:03:20 +0200 Received: from foo.stuge.se (foo.stuge.se [212.116.89.98]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTPS id v5QI2owA031231 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 26 Jun 2017 20:02:50 +0200 Received: (qmail 26894 invoked by uid 1000); 26 Jun 2017 17:56:24 -0000 Date: Mon, 26 Jun 2017 17:56:24 +0000 From: Peter Stuge To: libssh2-devel@cool.haxx.se Subject: Re: Elliptic Curve DSA Message-ID: <20170626175624.GH12397@stuge.se> References: <005201d2ee5e$7b58cf40$720a6dc0$@hesotech.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <005201d2ee5e$7b58cf40$720a6dc0$@hesotech.com> X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.22 Precedence: list List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: libssh2 development Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id v5QI2pT7031343 Hi Nils, Nils Hendorf wrote: > can I use libssh2 for SFTP-download from SFTP-Server which uses > ecdsa-sha2-nistp521 for Server Authentication? "Server Authentication" isn't really a term in the SSH protocol, but in any case the answer is no, libssh2 doesn't support ecdsa. //Peter _______________________________________________ libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel From libssh2-devel-bounces@cool.haxx.se Mon Jun 26 20:09:50 2017 Return-Path: Received: from www.haxx.se (localhost.localdomain [127.0.0.1]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTP id v5QI9k44003668; Mon, 26 Jun 2017 20:09:49 +0200 Received: from mail.panic.com (mail.panic.com [38.103.165.3]) by giant.haxx.se (8.15.2/8.15.2/Debian-4) with ESMTPS id v5QI9gKM003594 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Mon, 26 Jun 2017 20:09:44 +0200 Received: from [10.0.0.191] (unknown [38.103.165.36]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.panic.com (Postfix) with ESMTPSA id E15396060B for ; Mon, 26 Jun 2017 11:09:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=panic.com; s=dkim; t=1498500576; bh=gTi5Mcah51taU5Fv6wt3bLOWM7FRIB+W2NykyVwBbJo=; h=From:Subject:Date:References:To:In-Reply-To; b=ret2C74M4c491J+YdiJDrR9D0Kr4dc6rS7Y1Lx4CinozhoD4vKYlof1k6q+Qa9wl9 RR+mkbRmiXi3JW/rKU/5zLWWVu/+CzWLUf3X0UngtxOjtubQHSinQcp7w3N50pxaRo AlmvhTFDt4WoMQvVzSv4/e+LZfVN49CmY820v0O4= Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: Elliptic Curve DSA Date: Mon, 26 Jun 2017 11:09:36 -0700 References: <005201d2ee5e$7b58cf40$720a6dc0$@hesotech.com> <20170626175624.GH12397@stuge.se> To: libssh2 development In-Reply-To: <20170626175624.GH12397@stuge.se> Message-Id: X-Mailer: Apple Mail (2.3273) X-MIME-Autoconverted: from quoted-printable to 8bit by giant.haxx.se id v5QI9gKM003594 X-BeenThere: libssh2-devel@cool.haxx.se X-Mailman-Version: 2.1.22 Precedence: list List-Id: libssh2 development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Will Cosgrove via libssh2-devel Reply-To: libssh2 development Cc: Will Cosgrove Content-Type: text/plain; charset="utf-8" Errors-To: libssh2-devel-bounces@cool.haxx.se Sender: "libssh2-devel" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by giant.haxx.se id v5QI9k44003668 Hi Nils, You can track the issue here: https://github.com/libssh2/libssh2/issues/41 I hope to roll my changes in as soon as the product I’m working on ships… Will > On Jun 26, 2017, at 10:56 AM, Peter Stuge wrote: > > Hi Nils, > > Nils Hendorf wrote: >> can I use libssh2 for SFTP-download from SFTP-Server which uses >> ecdsa-sha2-nistp521 for Server Authentication? > > "Server Authentication" isn't really a term in the SSH protocol, but > in any case the answer is no, libssh2 doesn't support ecdsa. > > > //Peter > _______________________________________________ > libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel _______________________________________________ libssh2-devel https://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel