Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/ssh: no common algorithm for host key, server offered: [x509v3-sign-rsa x509v3-ssh-rsa] #24266

lpzgithub opened this issue Mar 6, 2018 · 6 comments


Copy link

@lpzgithub lpzgithub commented Mar 6, 2018

Please answer these questions before submitting your issue. Thanks!

What version of Go are you using (go version)?

go version go1.9.3 darwin/amd64

Does this issue reproduce with the latest release?


What operating system and processor architecture are you using (go env)?


What did you do?

ssh handshake fail:
ssh: handshake failed: ssh: no common algorithm for host key; client offered: [ ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-rsa ssh-dss ssh-ed25519], server offered: [x509v3-sign-rsa x509v3-ssh-rsa]

[x509v3-sign-rsa x509v3-ssh-rsa] is not supported for host-key algorithms

// supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
// of authenticating servers) in preference order.
var supportedHostKeyAlgos = []string{
	CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01,
	CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01,

	KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
	KeyAlgoRSA, KeyAlgoDSA,


I expect supportedHostKeyAlgos support x509v3-ssh-rsa host-key algorithms.

@bradfitz bradfitz changed the title crypto/ssh: no common algorithm for host key, server offered: [x509v3-sign-rsa x509v3-ssh-rsa] x/crypto/ssh: no common algorithm for host key, server offered: [x509v3-sign-rsa x509v3-ssh-rsa] Mar 7, 2018
@gopherbot gopherbot added this to the Unreleased milestone Mar 7, 2018
Copy link

@bradfitz bradfitz commented Mar 7, 2018

/cc @hanwen

Copy link

@andybons andybons commented Mar 7, 2018

@hanwen I’m not sure what your comment means. Do you plan to support x509v3-ssh-rsa? If so then please add the NeedsFix label.

Copy link

@hanwen hanwen commented Mar 7, 2018

sorry, I was in a hurry.

the comment is a link to the RFC. I don't know anything about X509; Maybe @agl has input whether this is a worthwhile thing to support?

Copy link

@agl agl commented Mar 7, 2018

The draft expired 11 years ago. I don't think there's enough supporting evidence here to warrant implementation.

Copy link

@andybons andybons commented Mar 7, 2018

OK. Closing then.

@andybons andybons closed this Mar 7, 2018
@golang golang locked and limited conversation to collaborators Mar 7, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
6 participants
You can’t perform that action at this time.