0 votes
by (220 points)

Hello,
I have checked KEX and HostKey algorithms lists and haven't found
ecdsa-sha2-nistp384 and ecdsa-sha2-nistp384.
(only ecdsa-sha2-nistp256 is available)

Is there way to enable the mentioned algorithms?


Checked on SSH client based on Rebex Components 2019 R2/R3 + RebexEllipticCurvePlugins

Applies to: SSH Pack

1 Answer

+1 vote
by (73.5k points)
selected by
 
Best answer

Yes, the ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521 algorithms are also supported.

The complete list of supported algorithms can be found at https://www.rebex.net/sftp.net/features/ssh.aspx#ciphers

The algorithms can be enabled like this:

var client = new Sftp();
client.Settings.SshParameters.HostKeyAlgorithms |= SshHostKeyAlgorithm.ECDsaNistP384 | SshHostKeyAlgorithm.ECDsaNistP521;
client.Settings.SshParameters.KeyExchangeAlgorithms |= SshKeyExchangeAlgorithm.ECDiffieHellmanNistP384 | SshKeyExchangeAlgorithm.ECDiffieHellmanNistP521;

If the OS does not have native support for the ecdsa-sha2-nistp384 and ecdsa-sha2-nistp521, the mentioned plugins has to be used.

...