Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > Secure Shell

Reply
 
Thread Tools Display Modes
  #1  
Old 04-15-2018, 02:22 PM
malick.mbaye malick.mbaye is offline
Registered User
 
Join Date: Apr 2018
Posts: 1
No compatible key exchange method

Hello,
I can't connect to Wallix server by SSH because have got the message below:

"Key exchange failed.
No compatible key exchange method. The server supports these methods: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
No compatible MAC. The server supports these MACs: hmac-sha2-256,hmac-sha2-512"

I went to Session Setting but have seen that those protocols above are not used by my SecureCRT.



Is there a way to implement it mannualy on SecureCRT or do you know any other options i can modify for making it works?
Thanks for help.
Reply With Quote
  #2  
Old 04-16-2018, 07:34 AM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 3,532
Hi malick.mbaye,

What version of SecureCRT are you using?

Quote:
I went to Session Setting but have seen that those protocols above are not used by my SecureCRT.
They are not protocols, so I am not sure if you were looking in the right places.

Quote:
No compatible key exchange method. The server supports these methods: curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
Support for the latter one was added in v7.3:

Changes in SecureCRT 7.3 (Beta 3) -- September 9, 2014
------------------------------------------------------

  • Added support for diffie-hellman-group-exchange-sha256 key-exchange algorithm.
Support for curve25519 is a feature request:

I have added this thread to a feature request in our product enhancement database to implement curve25519-sha256 and curve25519-sha256@libssh.org key exchange algo. Should a future release of SecureCRT include this feature, notification will be posted here.

If you prefer direct email notification, send an email to support@vandyke.com and include "Feature Request - Forum Thread #13086" in the subject line or use this form from the support page of our website.

If using v7.3.x or later, you should be able to enable diffie-hellman-group-exchange-sha256 in the Connection / SSH2 category of Session Options (in the key exchange grouping).


Quote:
No compatible MAC. The server supports these MACs: hmac-sha2-256,hmac-sha2-512"
Support for these MACs was added in v7.2:

Changes in SecureCRT 7.2 (Beta 1) -- October 8, 2013 (7.2.0.359)
----------------------------------------------------
  • SSH2: Added support for SHA-2 MAC algorithms.
If using v7.2.x or later (but of course you need v7.3 for the above), you should be able to enable SHA2 MACs in the Connection / SSH2 / Advanced category of Session Options (in the MAC grouping). It is recommended that SHA2-256 be higher in the list than SHA2-512 because some servers don't properly implement the 512 version.
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730

Last edited by jdev; 04-16-2018 at 08:46 AM.
Reply With Quote
  #3  
Old 09-11-2018, 09:20 AM
johnpoz johnpoz is offline
Registered User
 
Join Date: May 2016
Posts: 5
Running 8.5 of securecrt and sill no love for KEX
curve25519-sha256@libssh.org

Any possible private beta with support for this KEX?
Reply With Quote
  #4  
Old 09-11-2018, 09:44 AM
ekoranyi ekoranyi is offline
VanDyke Technical Support
 
Join Date: Jan 2017
Posts: 527
Hi johnpoz,

I have recorded your interest in our database of SecureCRT feature requests so that the product director can evaluate it for possible inclusion in a future release. Due to export restrictions, we are required to submit a request to the Federal Government before support for curve25519-sha256@libssh.org can be added to our products. At this time, we don't know how long this process will take..

Should a version of SecureCRT become available with this feature, we will be sure to let you know.
__________________
Thanks,
--Eric

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 12:42 AM.