Sorry to pick up this old topic

I ran this week into the same problem except my known_hosts file 
contains ecdsa-sha2-nistp256 keys.
Since OpenSSH also determines the order of the host key algorithms by 
checking the known_hosts file I would like you to reconsider adding such 
an algorithm.

Here is an extract of an OpenSSH debug log:

debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.9p1 Ubuntu-2ubuntu0.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.9p1 Debian-5ubuntu1.10
debug1: match: OpenSSH_5.9p1 Debian-5ubuntu1.10 pat OpenSSH_5* compat 0x0c000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to xxxx.com:22 as 'git'
debug3: hostkeys_foreach: reading file "/home/yyyy/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/yyyy/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from xxxx.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received


I currently fixed this by setting the "server_host_key" config. 
Nevertheless, this is sub-optimal as I need to repeat this for every 
new project that uses JSch. It is prone to break if our IT department 
decides to change the host key algorithm.

Thanks

Stephan


_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users
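
The known_hosts-driven ordering that the debug log above shows (order_hostkeyalgs), sketched as an added example; it is not code from the post or from JSch. The class and method names, the sample known_hosts lines and the default algorithm list are constructed, and the matcher assumes exact host names or hashed ("|1|salt|hash") entries only, not wildcards or "[host]:port" forms.

```java
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class HostKeyOrder {
    // True if a known_hosts host field names `host` (plain list or HMAC-SHA1 hashed form).
    static boolean matches(String field, String host) throws Exception {
        if (field.startsWith("|1|")) {
            String[] p = field.split("\\|"); // ["", "1", base64 salt, base64 hash]
            Mac mac = Mac.getInstance("HmacSHA1");
            mac.init(new SecretKeySpec(Base64.getDecoder().decode(p[2]), "HmacSHA1"));
            byte[] h = mac.doFinal(host.getBytes(StandardCharsets.UTF_8));
            return Arrays.equals(h, Base64.getDecoder().decode(p[3]));
        }
        return Arrays.asList(field.split(",")).contains(host);
    }

    // Key types already recorded for `host`, in file order.
    static Set<String> knownTypes(List<String> lines, String host) throws Exception {
        Set<String> types = new LinkedHashSet<>();
        for (String line : lines) {
            String[] f = line.trim().split("\\s+");
            // Skip blanks, comments and @cert-authority/@revoked marker lines.
            if (f.length < 3 || f[0].startsWith("#") || f[0].startsWith("@")) continue;
            if (matches(f[0], host)) types.add(f[1]);
        }
        return types;
    }

    // Move algorithms whose key type is already trusted to the front; keep relative order.
    static String order(String defaults, Set<String> known) {
        List<String> first = new ArrayList<>(), rest = new ArrayList<>();
        for (String alg : defaults.split(","))
            (known.contains(alg) ? first : rest).add(alg);
        first.addAll(rest);
        return String.join(",", first);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample known_hosts content; key blobs are placeholders.
        List<String> lines = Arrays.asList(
            "# constructed sample",
            "example.test ecdsa-sha2-nistp256 AAAAplaceholder",
            "other.test ssh-rsa AAAAplaceholder");
        String defaults = "ssh-rsa,ssh-dss,ecdsa-sha2-nistp256"; // constructed list
        String pref = order(defaults, knownTypes(lines, "example.test"));
        System.out.println(pref);
        // With JSch the result would be applied per session:
        // session.setConfig("server_host_key", pref);
    }
}
```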