Netconf login: [Key algo is not mach, SSH key exchange error]

[zyboy2000]

Dear Engineer.

I encountered an issue while connecting Netopeer2 and ODL. Could you please help me support this.

netopeer2-2.4.5 libnetconf2-3.7.10

NETCONF login error, prompts algorithm mismatch.

SSH key exchange error (kex error: no match for method server host key algo: server [rsa-sha2-512, rsa-sha2-256], client [ssh-rsa, ssh-dss, ecdsa-sha2-nistp256, ecdsa-sha2-nistp364, ecdsa-sha2-nistp521]).

How to configure Netopeer2 to support the encryption algorithms listed by the client?

[michalvasko]

You should be able to configure those in the corresponding YANG module. You can use yanglint to learn the exact path of the nodes

> yanglint libnetconf2/modules/[email protected] -ii -f tree --schema-node /ietf-netconf-server:netconf-server/listen/endpoints/endpoint/ssh/ssh-server-parameters/transport-params/key-exchange
module: ietf-netconf-server
  +--rw netconf-server {central-netconf-server-supported}?
     +--rw listen! {ssh-listen or tls-listen}?
        +--rw endpoints
           +--rw endpoint* [name]
              +--rw (transport)
                 +--:(ssh) {ssh-listen}?
                    +--rw ssh
                       +--rw ssh-server-parameters
                          +--rw transport-params {sshcmn:transport-params}?
                             +--rw key-exchange
                                +--rw key-exchange-alg*   ssh-key-exchange-algorithm