[
https://issues.apache.org/jira/browse/GUACAMOLE-1461?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17445739#comment-17445739
]
Patrick Young commented on GUACAMOLE-1461:
------------------------------------------
If I manually copy the origin HostKeyAlgorithms value and add `,ssh-rsa` , all
things worked. So this problem can be confirmed is caused by host key algorithm
not enabled in libssh2 side (although it seems already implemented).
[~mjumper]
> Include libssh2 1.9.0 or later in guacd Docker image
> ----------------------------------------------------
>
> Key: GUACAMOLE-1461
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-1461
> Project: Guacamole
> Issue Type: Improvement
> Components: guacd-docker
> Reporter: Patrick Young
> Priority: Major
> Attachments: CleanShot 2021-11-18 at [email protected],
> image-2021-11-18-14-26-03-940.png, image-2021-11-18-14-27-02-502.png,
> ssh-debug.pcap
>
>
> libssh2 has recently grown support for elliptic curve cryptography, including
> support for elliptic curve KEX algorithms. The current guacd Docker image
> doesn't inherit this support, however, because it uses Debian Buster as its
> base image. To have access to a newer libssh2, the guacd image will need to
> use at least Debian Bullseye.
> It may be worth updating the image to simply point at Debian stable, assuming
> there is no longer any issue with the FreeRDP version included by that
> version of Debian. Meanwhile, the Jenkins build that performs nightly
> rebuilds of the established Docker images for the previous release can simply
> be updated to point to Debian Bullseye with its build args and thus magically
> become up-to-date.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
