Welcome to the VanDyke Software Forums

Join the discussion today!

Go Back   VanDyke Software Forums > General


Closed Thread
Thread Tools Display Modes
Old 10-02-2018, 11:48 AM
bgagnon bgagnon is offline
VanDyke Technical Support
Join Date: Oct 2008
Posts: 4,636
Question FAQ: What causes the "No compatible key-exchange method" error in SecureCRT?

If you are getting some form of the below error:
Key exchange failed.
No compatible key-exchange method.
The server supports these methods: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14

You can turn on Trace Options output (File menu) and find this info:
[LOCAL] : Available Remote Kex Methods = curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1 
[LOCAL] : Selected Kex Method = ecdh-sha2-nistp521

KEX or Key Exchange methods: In SecureCRT, configurable in the Connection / SSH2 category of Session Options.
As of version 8.7.3, the current Key Exchange algorithms supported are (with version when support was first added):
diffie-hellman-group18-sha512 (v8.7.x)
diffie-hellman-group16-sha512 (v8.7.x)
diffie-hellman-group14-sha256 (v8.7.x)
curve25519-sha256 (v8.5.x)*
ecdh-sha2-nistp521 (v7.3.x)
ecdh-sha2-nistp384 (v7.3.x)
ecdh-sha2-nistp256 (v7.3.x)
diffie-hellman-group-exchange-sha256 (v7.3.x)
diffie-hellman-group14 (v5.0.x)
diffie-hellman-group (v3.0.x)
Kerberos (v3.0.x)*
Kerberos (Group Exchange) (v3.0.x)*
*Not available when client is running in FIPS mode

Note that while diffie-hellman is still available, it was disabled as of v8.0 due to well-documented flaws in the algorithm associated with news surrounding the Logjam vulnerability. Many other SSH servers and clients have turned off default support for the diffie-hellman key exchange algorithm.

Changes in SecureCRT 8.0 (Beta 1) -- January 28, 2016 (
  • SSH2: The "diffie-hellman" key exchange algorithm is off for the default session. This change only affects new installations.

You can employ the power of editing the Default session to enable any new key-exchange algorithms in all of your existing and future sessions. Here are some links to a tip and a video that provide more details about using the Default session to make mass changes to multiple sessions:
Note: In order for a "change" to be applied to all other sessions, the Default session's option/field you're targeting must actually be modified/different from its current value.
Attached Images
File Type: png line.png (522 Bytes, 132101 views)
File Type: png key_ex_error_in_SCRT.png (29.0 KB, 49621 views)
File Type: png SCRT873_altered_key_ex_category.png (47.5 KB, 38175 views)

VanDyke Software
Technical Support
(505) 332-5730

Last edited by bgagnon; 10-29-2020 at 08:09 AM. Reason: Update regarding three new methods in 8.7
Old 11-28-2018, 01:57 PM
bgagnon bgagnon is offline
VanDyke Technical Support
Join Date: Oct 2008
Posts: 4,636

Hi All,

Good News!

Our developers have implemented support for the curve25519-sha256 key exchange algorithm (known by two names, curve25519-sha256 and curve25519-sha256@libssh.org, it's the same algorithm in both cases).

If you would like us to make this pre-release build available to you, please contact support@vandyke.com and include "Curve25519 feature request" (or similar) in the subject line. If writing us from an email address other than that associated with your VanDyke Software download account, then please indicate in the body of the email what email address is associated with your download account.

VanDyke Software
Technical Support
(505) 332-5730
Closed Thread

curve , debugging , diffie-hellman , ecdh , faq , kex , keyex , securecrt , securefx , troubleshooting

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -6. The time now is 06:01 PM.