unknown key Name("ecdsa-sha2-nistp256") #227

Closed
Ovizro opened this issue Jan 19, 2024 · 4 comments

Ovizro commented Jan 19, 2024

This is a strange problem when I try to run the SFTP server example code on a Raspberry Pi. I tried it on my laptop but couldn't reproduce the problem.

System: Linux raspberrypi 5.15.84-v7l+ #1613 SMP Thu Jan 5 12:01:26 GMT 2023 armv7l GNU/Linux
Rust: rustc 1.75.0 (82e1608df 2023-12-21)

SFTP client log:

OpenSSH_8.4p1 Raspbian-5+deb11u1, OpenSSL 1.1.1w  11 Sep 2023
debug1: Reading configuration data /home/ovizro/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/ovizro/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/ovizro/.ssh/known_hosts2'
debug2: resolving "localhost" port 2210
debug2: ssh_connect_direct
debug1: Connecting to localhost [::1] port 2210.
debug1: connect to address ::1 port 2210: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 2210.
debug1: Connection established.
debug1: identity file /home/ovizro/.ssh/id_rsa type -1
debug1: identity file /home/ovizro/.ssh/id_rsa-cert type -1
debug1: identity file /home/ovizro/.ssh/id_dsa type -1
debug1: identity file /home/ovizro/.ssh/id_dsa-cert type -1
debug1: identity file /home/ovizro/.ssh/id_ecdsa type -1
debug1: identity file /home/ovizro/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/ovizro/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/ovizro/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/ovizro/.ssh/id_ed25519 type -1
debug1: identity file /home/ovizro/.ssh/id_ed25519-cert type -1
debug1: identity file /home/ovizro/.ssh/id_ed25519_sk type -1
debug1: identity file /home/ovizro/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/ovizro/.ssh/id_xmss type -1
debug1: identity file /home/ovizro/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u1
debug1: Remote protocol version 2.0, remote software version russh_0.41.0-beta.1
debug1: no match: russh_0.41.0-beta.1
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to localhost:2210 as 'ovizro'
debug3: put_host_port: [localhost]:2210
debug3: hostkeys_foreach: reading file "/home/ovizro/.ssh/known_hosts"
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group14-sha256,ext-info-s,kex-strict-s-v00@openssh.com
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-256,rsa-sha2-512
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
debug2: MACs ctos: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1-etm@openssh.com,hmac-sha1
debug2: MACs stoc: hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,hmac-sha1-etm@openssh.com,hmac-sha1
debug2: compression ctos: none,zlib,zlib@openssh.com
debug2: compression stoc: none,zlib,zlib@openssh.com
debug2: languages ctos: 
debug2: languages stoc: 
debug2: first_kex_follows 0 
debug2: reserved 0 
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Connection closed by 127.0.0.1 port 2210
Connection closed

SFTP server log:

[2024-01-19T15:39:58Z DEBUG russh::ssh_read] read_ssh_id: reading
[2024-01-19T15:39:58Z DEBUG russh::ssh_read] read 42
[2024-01-19T15:39:58Z DEBUG russh::ssh_read] Ok("SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u1\r\n")
[2024-01-19T15:39:58Z DEBUG russh::server::kex] server kex init: [20, 27, 181, 9, 100, 17, 134, 99, 202, 58, 211, 52, 153, 135, 66, 44, 165, 0, 0, 0, 116, 99, 117, 114, 118, 101, 50, 53, 53, 49, 57, 45, 115, 104, 97, 50, 53, 54, 44, 99, 117, 114, 118, 101, 50, 53, 53, 49, 57, 45, 115, 104, 97, 50, 53, 54, 64, 108, 105, 98, 115, 115, 104, 46, 111, 114, 103, 44, 100, 105, 102, 102, 105, 101, 45, 104, 101, 108, 108, 109, 97, 110, 45, 103, 114, 111, 117, 112, 49, 52, 45, 115, 104, 97, 50, 53, 54, 44, 101, 120, 116, 45, 105, 110, 102, 111, 45, 115, 44, 107, 101, 120, 45, 115, 116, 114, 105, 99, 116, 45, 115, 45, 118, 48, 48, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 0, 0, 0, 57, 115, 115, 104, 45, 101, 100, 50, 53, 53, 49, 57, 44, 101, 99, 100, 115, 97, 45, 115, 104, 97, 50, 45, 110, 105, 115, 116, 112, 50, 53, 54, 44, 114, 115, 97, 45, 115, 104, 97, 50, 45, 50, 53, 54, 44, 114, 115, 97, 45, 115, 104, 97, 50, 45, 53, 49, 50, 0, 0, 0, 85, 99, 104, 97, 99, 104, 97, 50, 48, 45, 112, 111, 108, 121, 49, 51, 48, 53, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 97, 101, 115, 50, 53, 54, 45, 103, 99, 109, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 97, 101, 115, 50, 53, 54, 45, 99, 116, 114, 44, 97, 101, 115, 49, 57, 50, 45, 99, 116, 114, 44, 97, 101, 115, 49, 50, 56, 45, 99, 116, 114, 0, 0, 0, 85, 99, 104, 97, 99, 104, 97, 50, 48, 45, 112, 111, 108, 121, 49, 51, 48, 53, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 97, 101, 115, 50, 53, 54, 45, 103, 99, 109, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 97, 101, 115, 50, 53, 54, 45, 99, 116, 114, 44, 97, 101, 115, 49, 57, 50, 45, 99, 116, 114, 44, 97, 101, 115, 49, 50, 56, 45, 99, 116, 114, 0, 0, 0, 123, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 53, 49, 50, 45, 101, 116, 109, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 50, 53, 54, 45, 101, 116, 109, 64, 111, 112, 101, 110, 115, 115, 104, 
46, 99, 111, 109, 44, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 53, 49, 50, 44, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 50, 53, 54, 44, 104, 109, 97, 99, 45, 115, 104, 97, 49, 45, 101, 116, 109, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 104, 109, 97, 99, 45, 115, 104, 97, 49, 0, 0, 0, 123, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 53, 49, 50, 45, 101, 116, 109, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 50, 53, 54, 45, 101, 116, 109, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 53, 49, 50, 44, 104, 109, 97, 99, 45, 115, 104, 97, 50, 45, 50, 53, 54, 44, 104, 109, 97, 99, 45, 115, 104, 97, 49, 45, 101, 116, 109, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 44, 104, 109, 97, 99, 45, 115, 104, 97, 49, 0, 0, 0, 26, 110, 111, 110, 101, 44, 122, 108, 105, 98, 44, 122, 108, 105, 98, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 0, 0, 0, 26, 110, 111, 110, 101, 44, 122, 108, 105, 98, 44, 122, 108, 105, 98, 64, 111, 112, 101, 110, 115, 115, 104, 46, 99, 111, 109, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
[2024-01-19T15:39:58Z DEBUG russh::cipher] writing, seqn = 0
[2024-01-19T15:39:58Z DEBUG russh::cipher] padding length 4
[2024-01-19T15:39:58Z DEBUG russh::cipher] packet_length 708
[2024-01-19T15:39:58Z DEBUG russh::ssh_read] id 42 42
[2024-01-19T15:39:58Z DEBUG russh::cipher] reading, len = [0, 0, 5, 228]
[2024-01-19T15:39:58Z DEBUG russh::cipher] reading, seqn = 0
[2024-01-19T15:39:58Z DEBUG russh::cipher] reading, clear len = 1508
[2024-01-19T15:39:58Z DEBUG russh::cipher] read_exact 1512
[2024-01-19T15:39:58Z DEBUG russh::cipher] read_exact done
[2024-01-19T15:39:58Z DEBUG russh::cipher] reading, padding_length 10
[2024-01-19T15:39:58Z DEBUG russh::negotiation] kex 212
[2024-01-19T15:39:58Z DEBUG russh::negotiation] kex 234
[2024-01-19T15:39:58Z DEBUG russh::negotiation] kex 242
[2024-01-19T15:39:58Z DEBUG russh::negotiation] client_compression = None
[2024-01-19T15:39:58Z DEBUG russh::server::kex] unknown key Name("ecdsa-sha2-nistp256")
[2024-01-19T15:39:58Z DEBUG russh::server] Connection closed with error
Member

Eugeny commented Jan 19, 2024

Could it be that you're using a different key for authentication in your rpi setup? Russh doesn't support P-256 keys, see #209

Author

Ovizro commented Jan 19, 2024

Sorry, I didn't go through the issues and PR lists carefully. I look forward to this feature being added.

Author

Ovizro commented Jan 19, 2024

I tried specifying the host key algorithm as ssh-ed25519 and it worked. But I think russh may be giving an incorrect list of host key algorithms supported by the server, which is causing the connection error.
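
The negotiation visible in the logs above, as an added example (not part of the thread and not russh code). It applies the RFC 4253 section 7.1 rule in its common form, where the first name on the client's list that the server also offers is chosen. The function names and `LOADED_KEYS` (a server holding only an Ed25519 host key) are assumptions made for illustration.

```rust
// Added illustration, not russh code. Both name-lists are copied from the
// client log above; LOADED_KEYS is an assumption about the server's setup.
const CLIENT_HOSTKEY: &str = "ecdsa-sha2-nistp256-cert-v01@openssh.com,\
    ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,\
    sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,\
    sk-ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,\
    rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,\
    ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,\
    ssh-ed25519,sk-ssh-ed25519@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa";
const SERVER_HOSTKEY: &str = "ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-256,rsa-sha2-512";
const LOADED_KEYS: &[&str] = &["ssh-ed25519"]; // assumed: only an Ed25519 host key

/// Pick the first algorithm on the client's comma-separated name-list that
/// also appears on the server's name-list (client preference wins).
fn negotiate<'a>(client: &'a str, server: &str) -> Option<&'a str> {
    client.split(',').find(|c| server.split(',').any(|s| s == *c))
}

/// Reduce a supported-algorithm name-list to the entries the server can
/// actually sign with, given the key types it has loaded. Both rsa-sha2-*
/// signature algorithms are served by an ssh-rsa key (RFC 8332).
fn advertisable(supported: &str, loaded_key_types: &[&str]) -> String {
    supported
        .split(',')
        .filter(|alg| {
            let key_type = if alg.starts_with("rsa-sha2-") { "ssh-rsa" } else { *alg };
            loaded_key_types.contains(&key_type)
        })
        .collect::<Vec<_>>()
        .join(",")
}

fn main() {
    // As logged: the client prefers ECDSA and the server lists it, so it wins
    // even though the server then cannot find a matching key.
    println!("as logged: {:?}", negotiate(CLIENT_HOSTKEY, SERVER_HOSTKEY));
    // Client-side workaround from the comment above: offer only ssh-ed25519.
    println!("client pinned: {:?}", negotiate("ssh-ed25519", SERVER_HOSTKEY));
    // Server-side alternative: advertise only algorithms backed by a loaded key.
    let fixed = advertisable(SERVER_HOSTKEY, LOADED_KEYS);
    println!("server offers {fixed}: {:?}", negotiate(CLIENT_HOSTKEY, &fixed));
}
```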


Szymongib commented Jan 22, 2024

This error surfaced for me after upgrading russh from 0.38.0 to 0.40.2 and russh-keys to 0.40.1. It is not example code, but I did not change anything besides that.

I guess this is due to #208? My client code is using ssh-agent via ssh2 lib.
