View Single Post
Old 10-02-2018, 02:59 PM
bgagnon bgagnon is offline
VanDyke Technical Support
Join Date: Oct 2008
Posts: 4,164
Question FAQ: What causes the "No compatible cipher" error in SecureCRT?

If you are getting some form of the below error in SecureCRT:
Key exchange failed.
No compatible cipher.
The server supports these ciphers: ChaCha20-Poly1305,AES-128-CTR,AES-192-CTR,AES-256-CTR,AES-128-GCM,AES-256-GCM

You can turn on Trace Options output (File menu) and find this info:
[LOCAL] : Available Remote Send Ciphers =,aes128-ctr,aes192-ctr,aes256-ctr,,
[LOCAL] : Selected Send Cipher = aes256-ctr 
[LOCAL] : Available Remote Recv Ciphers =,aes128-ctr,aes192-ctr,aes256-ctr,,
[LOCAL] : Selected Recv Cipher = aes256-ctr

Ciphers: The "Available" lists what the remote is advertising it supports. SecureCRT will try its listed cipher methods (in the Connection / SSH2 / Advanced category of Session Options) in order. The list can be reordered using the Up/Down arrow buttons next to the list.
As of version 8.5.1, current Ciphers supported are (with version when support was first added):
ChaCha20-Poly1305 (v8.3.x)
AES-256-GCM (v8.3.x)
AES-128-GCM (v8.3.x)
AES-256-CTR (v6.1.x)
AES-192-CTR (v6.1.x)
AES-128-CTR (v6.1.x)
AES-256 (v3.3.x)
AES-192 (v3.3.x)
AES-128 (v3.3.x)
Blowfish (v3.0.x)
Twofish (v3.0.x)
3DES (v3.0.x)
DES (v3.0.x)
RC4 (v3.0.x)

You can employ the power of editing the Default session to enable any new ciphers in all of your existing and future sessions. Here are some links to a tip and a video that provide more details about using the Default session to make mass changes to multiple sessions:
Attached Images
File Type: png SCRT851_altered_Cipher_category.png (43.9 KB, 5110 views)
File Type: png key_ex_cipher_error_in_SecureCRT.png (29.0 KB, 5000 views)

VanDyke Software
Technical Support
(505) 332-5730

Last edited by bgagnon; 03-01-2019 at 10:10 AM. Reason: Changed icon to question mark