Facebook
Twitter
-
If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
CentOS2Alma discussion
Hello, well, a client wants to use ssh2 and it doesn't connect and he's bothering me and I don't know where to go... and first they told me to update that
---
that is the error.. any suggestion?
ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys
---
I attach a screenshot of the php of that hosting and how I installed the ssh2 extension
[screenshots removed by admin due to privacy/security concerns]
---
that is the error.. any suggestion?
ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys
---
I attach a screenshot of the php of that hosting and how I installed the ssh2 extension
[screenshots removed by admin due to privacy/security concerns]
Last edited by a moderator:
The PHP PECL extension SSH2 should work perfectly fine with the OpenSSL version provided by Debian. The error message you're seeing has something to do with incompatible key exchange methods.
Maybe this helps:
askubuntu.com
Maybe this helps:
php 7.4, ssh_connect(), "Unable to exchange encryption keys" only when connecting to ubuntu 22.04 machines
I have a PHP tool that needs SSH access to some of my servers. This is an internal only application and it works 100% fine when talking to Ubuntu 18.04 machines. I started updating my machines to 2...
askubuntu.com
Same problem here with a Debian 10 / PHP 8.1 website and connexion to an external SFTP server (updated yesterday - don"t know linux distribution or version).
No problem before.
"ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys"
# openssl version
OpenSSL 1.1.1n 15 Mar 2022
I try:
ssh2_connect($hostAddr, $hostPort , [ 'hostkey' => 'ecdsa-sha2-nistp256,ssh-rsa'])
But always the problem.
Should we ask the external server provider to make these changes?:
Add these lines to /etc/ssh/sshd_config
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
and restart sshd
#sudo systemctl restart sshd
No problem before.
"ssh2_connect(): Error starting up SSH connection(-5): Unable to exchange encryption keys"
# openssl version
OpenSSL 1.1.1n 15 Mar 2022
I try:
ssh2_connect($hostAddr, $hostPort , [ 'hostkey' => 'ecdsa-sha2-nistp256,ssh-rsa'])
But always the problem.
Should we ask the external server provider to make these changes?:
Add these lines to /etc/ssh/sshd_config
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
and restart sshd
#sudo systemctl restart sshd
now they tell me in the destination server that: we have investigated a bit and our sftp uses ed25519 keys that it seems that the ssh2 library does not support. It seems that for example with phpseclib if you could connect
and this annoys me a lot because on top of that you can only connect from a certain IP and I can't do many tests
On my debian server, I have done: apt search phpseclib and I get this:
root@:~# apt search phpseclib
Sorting... Done
Full Text Search... Done
php-phpseclib/oldoldstable,oldoldstable 2.0.30-2~deb10u1 all
implementations of an arbitrary-precision integer arithmetic library
and this annoys me a lot because on top of that you can only connect from a certain IP and I can't do many tests
On my debian server, I have done: apt search phpseclib and I get this:
root@:~# apt search phpseclib
Sorting... Done
Full Text Search... Done
php-phpseclib/oldoldstable,oldoldstable 2.0.30-2~deb10u1 all
implementations of an arbitrary-precision integer arithmetic library
olgierdpytel
New Pleskian
If you have Debian 10 with OpenSSL 1.1.1n from March 15, 2022, and you are unable to update OpenSSL, it likely means that there is no newer version available for your operating system version.
now they tell me in the destination server that: we have investigated a bit and our sftp uses ed25519 keys that it seems that the ssh2 library does not support. It seems that for example with phpseclib if you could connect
and this annoys me a lot because on top of that you can only connect from a certain IP and I can't do many tests
On my debian server, I have done: apt search phpseclib and I get this:
root@:~# apt search phpseclib
Sorting... Done
Full Text Search... Done
php-phpseclib/oldoldstable,oldoldstable 2.0.30-2~deb10u1 all
implementations of an arbitrary-precision integer arithmetic library
and this annoys me a lot because on top of that you can only connect from a certain IP and I can't do many tests
On my debian server, I have done: apt search phpseclib and I get this:
root@:~# apt search phpseclib
Sorting... Done
Full Text Search... Done
php-phpseclib/oldoldstable,oldoldstable 2.0.30-2~deb10u1 all
implementations of an arbitrary-precision integer arithmetic library
Similar threads
