What are the challenges you face when working across database platforms? Take the survey

SSH Keyexchange Issues

When I try to connect to my remote DB using SSH, it fails with the following error:

"Can't connect to SSH server on '[IP address]': Server does not support curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 for keyexchange"

However, when I run "ssh -Q kex" on my server, I get the following:

* diffie-hellman-group14-sha256
* diffie-hellman-group16-sha512
* diffie-hellman-group18-sha512
* diffie-hellman-group-exchange-sha256
* ecdh-sha2-nistp256
* ecdh-sha2-nistp384
* ecdh-sha2-nistp521
* curve25519-sha256
* curve25519-sha256@libssh.org

(the starred ones are listed in MySQL Compare's error output)

Does anyone know how to resolve this?


  • Options
    RichPastyRichPasty Posts: 2 New member
    edited November 11, 2022 1:17PM
    I had the same problem on my system.

    Client is on latest Windows 11 Pro, server is Debian Bullseye

    Doing the same check as you shows that there are Kex in common, but still won't connect.

    I did a wireshark capture to find out what's going on. It seems that Redgate is only asking for diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1

    Enabling diffie-hellman-group14-sha1 on the server by adding:

    KexAlgorithms +diffie-hellman-group14-sha1

    to etc / ssh / sshd_config

    and restarting ssh fixed it for me.

  • Options
    RichPastyRichPasty Posts: 2 New member
    edited November 11, 2022 1:17PM
    cloudflare doesn't like the full path to sshd_config, and gives an error.
Sign In or Register to comment.