Welcome to the VanDyke Software Forums

Join the discussion today!

Go Back   VanDyke Software Forums > General


Closed Thread
Thread Tools Display Modes
Old 10-02-2018, 01:59 PM
bgagnon bgagnon is offline
VanDyke Technical Support
Join Date: Oct 2008
Posts: 4,636
Question FAQ: What causes the "No compatible cipher" error in SecureCRT?

If you are getting some form of the below error in SecureCRT:
Key exchange failed.
No compatible cipher.
The server supports these ciphers: ChaCha20-Poly1305,AES-128-CTR,AES-192-CTR,AES-256-CTR,AES-128-GCM,AES-256-GCM

You can turn on Trace Options output (File menu) and find this info:
[LOCAL] : Available Remote Send Ciphers = chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
[LOCAL] : Selected Send Cipher = aes256-ctr 
[LOCAL] : Available Remote Recv Ciphers = chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
[LOCAL] : Selected Recv Cipher = aes256-ctr

Ciphers: The "Available" lists what the remote is advertising it supports. SecureCRT will try its listed cipher methods (in the Connection / SSH2 / Advanced category of Session Options) in order. The list can be reordered using the Up/Down arrow buttons next to the list.
As of version 8.5.1, current Ciphers supported are (with version when support was first added):
ChaCha20-Poly1305 (v8.3.x)*
AES-256-GCM (v8.3.x)
AES-128-GCM (v8.3.x)
AES-256-CTR (v6.1.x)
AES-192-CTR (v6.1.x)
AES-128-CTR (v6.1.x)
AES-256 (v3.3.x)
AES-192 (v3.3.x)
AES-128 (v3.3.x)
Blowfish (v3.0.x)*/**
Twofish (v3.0.x)*

3DES (v3.0.x)
DES (v3.0.x) [SSH1 only]
RC4 (v3.0.x)*/**
*Not available when client is running in FIPS mode
**Removed support for Blowfish and RC4 as of v9.0

Please note: AES-256, AES-192 and AES-128 are CBC (cipher block chaining) ciphers.

You can employ the power of editing the Default session to enable any new ciphers in all of your existing and future sessions. Here are some links to a tip and a video that provide more details about using the Default session to make mass changes to multiple sessions:
Attached Images
File Type: png SCRT851_altered_Cipher_category.png (43.9 KB, 18440 views)
File Type: png key_ex_cipher_error_in_SecureCRT.png (29.0 KB, 17814 views)

VanDyke Software
Technical Support
(505) 332-5730

Last edited by bgagnon; 10-29-2020 at 08:37 AM. Reason: Marked non-FIPS compliant ciphers
Closed Thread

chacha , cipher , ctr , debugging , faq , gcm , securecrt , securefx , troubleshooting

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -6. The time now is 05:50 AM.