> Sven, how you have identified the key exchange algorithm used by libssh2, is > there any way to identify using fingerprint or key??
I'm looking at what sshd logs on the server end. Or you start sshd with the "-d" argument which logs to stdout and prevents sshd from being backgrounded. You could also harden sshd by adding the following to sshd_config (don't forget to restart the deamon afterwards): KexAlgorithms curve25519-sha...@libssh.org,diffie-hellman-group-exchange-sha256 Ciphers chacha20-poly1...@openssh.com,aes256-...@openssh.com,aes128-...@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr MACs hmac-sha2-512-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-ripemd160-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,umac-...@openssh.com Since SHA1 is not listed as KexAlgorithms, if the connection is still possible, the client must have used SHA256. Cheers, -sven -- Sent via pgadmin-support mailing list (pgadmin-support@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgadmin-support
