tomaswolf commented on issue #525: URL: https://github.com/apache/mina-sshd/issues/525#issuecomment-2222550618
As far as I see all checks for Bouncy Castle and that eddsa library being available are done. There is nothing to do in that respect. _However:_ There is indeed a bug in our implementation of sntrup761x25519-sha512 that causes the key exchange to fail with probability 1/256 with an `SshException` "KeyExchange signature verification failed for key type=...". So most of the time it works, but sometimes it'll fail. Work-around: don't use sntrup761x25519-sha512. Explicitly set the DH factories you want on the SshClient, and do _not_ include sntrup761x25519-sha512 in that list. This bug will be fixed in the next release. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org
