<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
The "Key exchange failed" error indicates that there is no agreement in the first phase where different algorithms are negotiated.</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
A common cause is that there are no common cipher algorithm available. For example the AES-256 CBC is not available in Erlang SSH.</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
Which otp version do you use?</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
What does the function ssh:default_algorithms() return?</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
What algorithms does the server provide? (Check by telnet the server, type "SSH-2.0-xxx" and look at the funny characters that is returned. Or post them here)<br>
</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: "Courier New", monospace; font-size: 10pt; color: rgb(0, 0, 0);">
/Hans <br>
</div>
<div id="appendonsend"></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>Frĺn:</b> erlang-questions-bounces@erlang.org <erlang-questions-bounces@erlang.org> för József Bérces <jozsef.berces@ericsson.com><br>
<b>Skickat:</b> den 8 oktober 2019 09:23<br>
<b>Till:</b> Erlang Questions <erlang-questions@erlang.org><br>
<b>Ämne:</b> [erlang-questions] ssh:connect "Key exchange failed"</font>
<div> </div>
</div>
<style>
<!--
@font-face
{font-family:"Cambria Math"}
@font-face
{font-family:Calibri}
p.x_MsoNormal, li.x_MsoNormal, div.x_MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif}
a:link, span.x_MsoHyperlink
{color:#0563C1;
text-decoration:underline}
a:visited, span.x_MsoHyperlinkFollowed
{color:#954F72;
text-decoration:underline}
span.x_EmailStyle17
{font-family:"Calibri",sans-serif;
color:windowtext}
.x_MsoChpDefault
{font-family:"Calibri",sans-serif}
@page WordSection1
{margin:1.0in 1.0in 1.0in 1.0in}
div.x_WordSection1
{}
-->
</style>
<div lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="x_WordSection1">
<p class="x_MsoNormal">Hi,</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">I need to connect to an ssh server but ssh:connect always returns "Key exchange failed". I can connect with KiTTY, and checking the KiTTY logs I suspect that the problem is the 1024-bit RSA key.
</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">Could you please check the KiTTY log below what is not supported by the Erlang SSH client?
</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">Is there any way to add the missing support to the Erlang SSH client so that I could connect to this server?</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">Thanks,</p>
<p class="x_MsoNormal">Jozsef</p>
<p class="x_MsoNormal"> </p>
<p class="x_MsoNormal">2019-10-07 14:37:58 Starting 42264 from XXXXX@XXXXXX</p>
<p class="x_MsoNormal">2019-10-07 14:38:07 Connecting to 10.XXX.XXX.XXX port 22</p>
<p class="x_MsoNormal">2019-10-07 14:38:07 We claim version: SSH-2.0-PuTTY_KiTTY</p>
<p class="x_MsoNormal">2019-10-07 14:38:07 Server version: SSH-2.0-Sun_SSH_1.1.5</p>
<p class="x_MsoNormal">2019-10-07 14:38:07 Using SSH protocol version 2</p>
<p class="x_MsoNormal">2019-10-07 14:38:08 Doing Diffie-Hellman group exchange</p>
<p class="x_MsoNormal">2019-10-07 14:38:08 Doing Diffie-Hellman key exchange with hash SHA-1</p>
<p class="x_MsoNormal">2019-10-07 14:38:08 Server also has ssh-dss host key, but we don't know it</p>
<p class="x_MsoNormal">2019-10-07 14:38:08 Host key fingerprint is:</p>
<p class="x_MsoNormal">2019-10-07 14:38:08 ssh-rsa 1024 XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX</p>
<p class="x_MsoNormal">2019-10-07 14:38:16 Initialised AES-256 CBC client->server encryption</p>
<p class="x_MsoNormal">2019-10-07 14:38:16 Initialised HMAC-SHA1-96 client->server MAC algorithm</p>
<p class="x_MsoNormal">2019-10-07 14:38:16 Initialised AES-256 CBC server->client encryption</p>
<p class="x_MsoNormal">2019-10-07 14:38:16 Initialised HMAC-SHA1-96 server->client MAC algorithm</p>
<p class="x_MsoNormal">2019-10-07 14:38:22 Using SSPI from SECUR32.DLL</p>
<p class="x_MsoNormal">2019-10-07 14:38:22 Attempting GSSAPI authentication</p>
<p class="x_MsoNormal">2019-10-07 14:38:22 GSSAPI authentication initialisation failed</p>
<p class="x_MsoNormal">2019-10-07 14:38:22 The target was not recognized.</p>
<p class="x_MsoNormal">2019-10-07 14:38:22 Attempting keyboard-interactive authentication</p>
<p class="x_MsoNormal">2019-10-07 14:38:30 Access granted</p>
<p class="x_MsoNormal">2019-10-07 14:38:30 Opening session as main channel</p>
<p class="x_MsoNormal">2019-10-07 14:38:30 Opened main channel</p>
<p class="x_MsoNormal">2019-10-07 14:38:30 Allocated pty (ospeed 38400bps, ispeed 38400bps)</p>
<p class="x_MsoNormal">2019-10-07 14:38:31 Started a shell/command</p>
</div>
</div>
</body>
</html>