[
https://issues.apache.org/jira/browse/GUACAMOLE-1461?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17445717#comment-17445717
]
Mike Jumper commented on GUACAMOLE-1461:
----------------------------------------
The Jenkins job that rebuilds the guacd image is now set to use Debian stable
for the base image, so this should no longer be an issue for the nightly
rebuilds. If you pull the latest guacd image from Docker Hub, you should now
have libssh2 1.9.0 and elliptic curve KEX support.
> Include libssh2 1.9.0 or later in guacd Docker image
> ----------------------------------------------------
>
> Key: GUACAMOLE-1461
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1461
> Project: Guacamole
> Issue Type: Improvement
> Components: guacd-docker
> Reporter: Patrick Young
> Priority: Major
> Attachments: image-2021-11-18-14-26-03-940.png,
> image-2021-11-18-14-27-02-502.png, ssh-debug.pcap
>
>
> libssh2 has recently grown support for elliptic curve cryptography, including
> support for elliptic curve KEX algorithms. The current guacd Docker image
> doesn't inherit this support, however, because it uses Debian Buster as its
> base image. To have access to a newer libssh2, the guacd image will need to
> use at least Debian Bullseye.
> It may be worth updating the image to simply point at Debian stable, assuming
> there is no longer any issue with the FreeRDP version included by that
> version of Debian. Meanwhile, the Jenkins build that performs nightly
> rebuilds of the established Docker images for the previous release can simply
> be updated to point to Debian Bullseye with its build args and thus magically
> become up-to-date.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
