<div><div dir="auto">Oh, you are absolutely right, the problem was in user  permission. Thanks a lot</div></div><div><br><div class="gmail_quote"><div dir="ltr">пт, 5 окт. 2018 г. в 10:00, Hans Nilsson R <<a href="mailto:hans.r.nilsson@ericsson.com">hans.r.nilsson@ericsson.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
1) Are there host keys in /etc/ssh ?<br>
2) Are the *private* keys in /etc/ssh and that directory readable by the user running erl ?<br>
<br>
Note that it is potentially dangerous to make the private keys world readable.  I would<br>
recommend you to generate new host keys (ssh-keygen) in a separate directory readable only by the user<br>
running erlang.<br>
<br>
/Hans<br>
<br>
On 10/04/2018 11:13 PM, Alexander Petrovsky wrote:<br>
> Hello, I've some strange problem, when I run ssh server and try to connect<br>
> to it from code on the same machine I've got an error:<br>
> <br>
> Selection of key exchange algorithm failed<br>
> <br>
> Server:<br>
> <br>
>> ssh:daemon(Port, [{system_dir,            "/etc/ssh"},<br>
>>                               {subsystems,<br>
>>  [wm_ssh_sftp_ext:subsystem_spec(),<br>
>><br>
>>  ssh_sftpd:subsystem_spec([{cwd, _CWD = "/"}])]},<br>
>>                               {user_passwords,    [{"user", "pass"}]}]).<br>
> <br>
> <br>
> Client:<br>
> <br>
>> Opts = [{user, "user"},<br>
>>              {password, "pass"},<br>
>>              {silently_accept_hosts, true}],<br>
>> ssh:connect(Node, Port, Opts, _Timeout = 5000).<br>
> <br>
> <br>
> When I capture ssh traffic I find out that the server doesn't suggest<br>
> `host_key_algorithms`<br>
> <br>
>                 kex_algorithms length: 257<br>
>>                 kex_algorithms string [truncated]:<br>
>> ecdh-sha2-nistp384,ecdh-sha2-nistp521,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-grou<br>
>>                 server_host_key_algorithms length: 0<br>
>>                 server_host_key_algorithms string: [Empty]<br>
>>                 encryption_algorithms_client_to_server length: 98<br>
>>                 encryption_algorithms_client_to_server string:<br>
>> <a href="mailto:aes256-gcm@openssh.com" target="_blank">aes256-gcm@openssh.com</a>,aes256-ctr,aes192-ctr,<a href="mailto:aes128-gcm@openssh.com" target="_blank">aes128-gcm@openssh.com</a><br>
>> ,aes128-ctr,aes128-cbc,3des-cbc<br>
>>                 encryption_algorithms_server_to_client length: 98<br>
>>                 encryption_algorithms_server_to_client string:<br>
>> <a href="mailto:aes256-gcm@openssh.com" target="_blank">aes256-gcm@openssh.com</a>,aes256-ctr,aes192-ctr,<a href="mailto:aes128-gcm@openssh.com" target="_blank">aes128-gcm@openssh.com</a><br>
>> ,aes128-ctr,aes128-cbc,3des-cbc<br>
>>                 mac_algorithms_client_to_server length: 37<br>
>>                 mac_algorithms_client_to_server string:<br>
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1<br>
>>                 mac_algorithms_server_to_client length: 37<br>
>>                 mac_algorithms_server_to_client string:<br>
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1<br>
>>                 compression_algorithms_client_to_server length: 26<br>
>>                 compression_algorithms_client_to_server string: none,<br>
>> <a href="mailto:zlib@openssh.com" target="_blank">zlib@openssh.com</a>,zlib<br>
>>                 compression_algorithms_server_to_client length: 26<br>
>>                 compression_algorithms_server_to_client string: none,<br>
>> <a href="mailto:zlib@openssh.com" target="_blank">zlib@openssh.com</a>,zlib<br>
>>                 languages_client_to_server length: 0<br>
>>                 languages_client_to_server string: [Empty]<br>
>>                 languages_server_to_client length: 0<br>
>>                 languages_server_to_client string: [Empty]<br>
>>                 First KEX Packet Follows: 0<br>
>>                 Reserved: 00000000<br>
>>             Padding String: 21850013139a828f718a<br>
> <br>
> <br>
> But the client has some values:<br>
> <br>
>                 kex_algorithms length: 257<br>
>>                 kex_algorithms string [truncated]:<br>
>> ecdh-sha2-nistp384,ecdh-sha2-nistp521,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-grou<br>
>>                 server_host_key_algorithms length: 101<br>
>>                 server_host_key_algorithms string:<br>
>> ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ecdsa-sha2-nistp256,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss<br>
>>                 encryption_algorithms_client_to_server length: 98<br>
>>                 encryption_algorithms_client_to_server string:<br>
>> <a href="mailto:aes256-gcm@openssh.com" target="_blank">aes256-gcm@openssh.com</a>,aes256-ctr,aes192-ctr,<a href="mailto:aes128-gcm@openssh.com" target="_blank">aes128-gcm@openssh.com</a><br>
>> ,aes128-ctr,aes128-cbc,3des-cbc<br>
>>                 encryption_algorithms_server_to_client length: 98<br>
>>                 encryption_algorithms_server_to_client string:<br>
>> <a href="mailto:aes256-gcm@openssh.com" target="_blank">aes256-gcm@openssh.com</a>,aes256-ctr,aes192-ctr,<a href="mailto:aes128-gcm@openssh.com" target="_blank">aes128-gcm@openssh.com</a><br>
>> ,aes128-ctr,aes128-cbc,3des-cbc<br>
>>                 mac_algorithms_client_to_server length: 37<br>
>>                 mac_algorithms_client_to_server string:<br>
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1<br>
>>                 mac_algorithms_server_to_client length: 37<br>
>>                 mac_algorithms_server_to_client string:<br>
>> hmac-sha2-256,hmac-sha2-512,hmac-sha1<br>
>>                 compression_algorithms_client_to_server length: 26<br>
>>                 compression_algorithms_client_to_server string: none,<br>
>> <a href="mailto:zlib@openssh.com" target="_blank">zlib@openssh.com</a>,zlib<br>
>>                 compression_algorithms_server_to_client length: 26<br>
>>                 compression_algorithms_server_to_client string: none,<br>
>> <a href="mailto:zlib@openssh.com" target="_blank">zlib@openssh.com</a>,zlib<br>
>>                 languages_client_to_server length: 0<br>
>>                 languages_client_to_server string: [Empty]<br>
>>                 languages_server_to_client length: 0<br>
>>                 languages_server_to_client string: [Empty]<br>
>>                 First KEX Packet Follows: 0<br>
>>                 Reserved: 00000000<br>
>>             Padding String: 49945334a432cfa4a0371700f6<br>
> <br>
> <br>
> Could someone help me please resolve this problem?<br>
> <br>
> <br>
> <br>
> _______________________________________________<br>
> erlang-questions mailing list<br>
> <a href="mailto:erlang-questions@erlang.org" target="_blank">erlang-questions@erlang.org</a><br>
> <a href="http://erlang.org/mailman/listinfo/erlang-questions" rel="noreferrer" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
> <br>
<br>
_______________________________________________<br>
erlang-questions mailing list<br>
<a href="mailto:erlang-questions@erlang.org" target="_blank">erlang-questions@erlang.org</a><br>
<a href="http://erlang.org/mailman/listinfo/erlang-questions" rel="noreferrer" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
</blockquote></div></div>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr">Петровский Александр / Alexander Petrovsky,<br><br>Skype: askjuise<br><div>Phone: +7 931 9877991<div><br></div></div></div></div></div></div>