On Wed, Nov 22, 2017 at 6:54 PM, flittermice <flitterm...@gmx.at> wrote:
> I'm using version 0.9.13. My goal was to make a SSH connection to a host > using my existing ed25519 keys. But I permanently got "SSH handshake > failed" > in guacd. > > So I have spent many hours of searching for the reason. Finally it turned > out that it is only possible to use RSA keys: > 1. ECDSA and Ed25519 private keys will not work because Guacamole won't be > able to recognize the key format. > 2. I configured my server to send an Ed25519 host key. This was the reason > for the "SSH handshake failed" errors. > > Switching back to RSA keys solved the problem for me. > > Should this behaviour be documented? Or should the new key types be > implemented? > Or am I missing something? > Guacamole server (guacd) uses libssh2 for all of the SSH functionality, so Guacamole supports whatever libssh2 support for host keys and ciphers. The following web page has a list of the host keys and ciphers supported by libssh2: https://www.libssh2.org/libssh2-vs-libssh.html It looks like libssh2 only supports ssh-rsa and ssh-dss, and does not support the ones you are looking for (ssh-ed* and ecdsa-*). I'm open to brushing up the documentation with some information that at least points people to the correct place to determine the supported host keys and ciphers. -Nick
