|
|||||||
 |
|
|
Thread Tools | Display Modes |
|
|||||||
|
|
|
Thread Tools | Display Modes |
|
#1
10-02-2018, 11:48 AM
|
|||
|
|||
FAQ: What causes the "No compatible key-exchange method" error in SecureCRT?
If you are getting some form of the below error:
Key exchange failed.You can turn on Trace Options output (File menu) and find this info: Code:
[LOCAL] : Available Remote Kex Methods = curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 [LOCAL] : Selected Kex Method = ecdh-sha2-nistp521 KEX or Key Exchange methods: In SecureCRT, configurable in the Connection / SSH2 category of Session Options. As of version 8.7.3, the current Key Exchange algorithms supported are (with version when support was first added): diffie-hellman-group18-sha512 (v8.7.x) diffie-hellman-group16-sha512 (v8.7.x) diffie-hellman-group14-sha256 (v8.7.x) curve25519-sha256 (v8.5.x)* ecdh-sha2-nistp521 (v7.3.x) ecdh-sha2-nistp384 (v7.3.x) ecdh-sha2-nistp256 (v7.3.x) diffie-hellman-group-exchange-sha256 (v7.3.x) diffie-hellman-group14 (v5.0.x) diffie-hellman-group (v3.0.x) Kerberos (v3.0.x)* Kerberos (Group Exchange) (v3.0.x)* *Not available when client is running in FIPS mode Note that while diffie-hellman is still available, it was disabled as of v8.0 due to well-documented flaws in the algorithm associated with news surrounding the Logjam vulnerability. Many other SSH servers and clients have turned off default support for the diffie-hellman key exchange algorithm. Changes in SecureCRT 8.0 (Beta 1) -- January 28, 2016 (8.0.0.1011) ----------------------------------------------------------------------------------- Changes:
You can employ the power of editing the Default session to enable any new key-exchange algorithms in all of your existing and future sessions. Here are some links to a tip and a video that provide more details about using the Default session to make mass changes to multiple sessions: https://www.vandyke.com/support/tips/defaultset.html Note: In order for a "change" to be applied to all other sessions, the Default session's option/field you're targeting must actually be modified/different from its current value.
__________________
Thanks, --Brenda VanDyke Software Technical Support support@vandyke.com (505) 332-5730 Last edited by bgagnon; 10-29-2020 at 08:09 AM. Reason: Update regarding three new methods in 8.7 |
|
#2
11-28-2018, 01:57 PM
|
|||
|
|||
|
Update
Hi All,
Good News! Our developers have implemented support for the curve25519-sha256 key exchange algorithm (known by two names, curve25519-sha256 and curve25519-sha256@libssh.org, it's the same algorithm in both cases). If you would like us to make this pre-release build available to you, please contact support@vandyke.com and include "Curve25519 feature request" (or similar) in the subject line. If writing us from an email address other than that associated with your VanDyke Software download account, then please indicate in the body of the email what email address is associated with your download account. 
__________________
Thanks, --Brenda VanDyke Software Technical Support support@vandyke.com (505) 332-5730 |
|
| Tags |
| curve , debugging , diffie-hellman , ecdh , faq , kex , keyex , securecrt , securefx , troubleshooting |
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
