Eugeny / russh

Rust SSH client & server library
https://docs.rs/russh

No common Kex Algo, even though it should be the case?! #359

Closed LB767 closed 1 month ago

LB767 commented 1 month ago

Hello,

I'm trying to make a very simple ssh client using async-ssh2-tokio, but cannot get it to work. I'm opening the issue here because this seems to be a russh problem (sorry if it's not).

When trying to connect, I get: DEBUG - Could not find common kex algorithm, other side only supports Ok("ecdh-sha2-nistp256"), we only support [Name("curve25519-sha256"), Name("curve25519-sha256@libssh.org"), Name("diffie-hellman-group16-sha512"), Name("diffie-hellman-group14-sha256"), Name("ext-info-c"), Name("ext-info-s"), Name("kex-strict-c-v00@openssh.com"), Name("kex-strict-s-v00@openssh.com")]

But ecdh-sha2-nistp256 is listed here as a supported key exchange, so why does it not appear in the debug list??

I must be missing something very stupid but can't tell what...

(SSH'ing through PuTTY or Windows directly works totally fine)

Eugeny commented 1 month ago

ECDH support was added relatively recently, which russh version is it using?

LB767 commented 1 month ago

I'm using the latest async-ssh2-tokio which should be using russh 0.45

Eugeny commented 1 month ago

Oh right, I don't know whether async-ssh2-tokio enables all algorithms by default or lets you choose them, but the NIST curves are disabled by default due to security considerations - you need to specify the allowed kex list manually if you want to use them.

Eugeny commented 1 month ago

Looks like it is exposed via Config::preferred: https://docs.rs/async-ssh2-tokio/0.8.12/async_ssh2_tokio/struct.Config.html

LB767 commented 1 month ago

Ahhh so that's what it was, setting it manually works fine :)

Thank you very much and sorry for the troubles!
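
The failure and the fix discussed in this thread, as an added example that is not part of the original issue or of russh's own code: a simplified model of SSH key exchange negotiation (RFC 4253 section 7.1: the first name on the client's list that the server also offers is chosen), run over the name lists from the debug line above. The function names and the explicit list with `ecdh-sha2-nistp256` appended are assumptions made for illustration.

```rust
// Added example: simplified SSH kex negotiation (RFC 4253, section 7.1).
// Name lists are copied from the debug line quoted in the issue.

/// Extension markers (RFC 8308 ext-info, OpenSSH strict KEX) travel in the
/// kex name-list but are not key exchange methods and are never selected.
fn is_marker(name: &str) -> bool {
    name.starts_with("ext-info-") || name.starts_with("kex-strict-")
}

/// Return the first algorithm on the client's list that the server also
/// offers. `None` is the "Could not find common kex algorithm" case.
fn negotiate_kex<'a>(client: &[&'a str], server_namelist: &str) -> Option<&'a str> {
    let server: Vec<&str> = server_namelist.split(',').map(str::trim).collect();
    client
        .iter()
        .copied()
        .filter(|name| !is_marker(name))
        .find(|name| server.iter().any(|s| *s == *name))
}

/// Client list reported in the issue (NIST curves not enabled).
const DEFAULT_CLIENT: [&str; 8] = [
    "curve25519-sha256",
    "curve25519-sha256@libssh.org",
    "diffie-hellman-group16-sha512",
    "diffie-hellman-group14-sha256",
    "ext-info-c",
    "ext-info-s",
    "kex-strict-c-v00@openssh.com",
    "kex-strict-s-v00@openssh.com",
];

/// Hypothetical explicit list: the defaults, with NIST P-256 ECDH appended
/// last so it is only used when nothing earlier on the list matches.
fn with_nistp256() -> Vec<&'static str> {
    let mut list = DEFAULT_CLIENT.to_vec();
    list.push("ecdh-sha2-nistp256");
    list
}

fn main() {
    let server = "ecdh-sha2-nistp256"; // the only kex the server in the issue offered
    println!("default list : {:?}", negotiate_kex(&DEFAULT_CLIENT, server));
    println!("explicit list: {:?}", negotiate_kex(&with_nistp256(), server));
}
```

Because the client's order decides the outcome, appending the NIST curve at the end keeps `curve25519-sha256` in use against every server that offers it.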