SFTP using Expect - Bad protocol 2 host key algorithms

Any IBM i topic that does not fit in another forum
Post Reply
kmm13
Posts: 2
Joined: Tue Oct 03, 2023 6:07 pm

SFTP using Expect - Bad protocol 2 host key algorithms

Post by kmm13 »

Hello, we are trying to get SFTP working on an IBM i, and when it runs the script we are getting this message,
Bad protocol 2 host key algorithms '+ssh-dss'.
Connection closed.
sftperror.PNG
sftperror.PNG (9.18 KiB) Viewed 7687 times
This is the first part of the SFTP script file:
************Beginning of data**************
#!/usr/local/bin/expect -f
set timeout 60
spawn sftp -oHostKeyAlgorithms=+ssh-dss $env(SSH_USER)@$env(SSH_HOST)
expect {
default {exit 2}
"continue connecting (yes/no" {send "yes\n"; exp_continue}
"assword:" {send "$env(SSH_PASS)\n"; exp_continue}
"sftp>"

Any ideas on how to resolve this error? Thank you!
Scott Klement
Site Admin
Posts: 653
Joined: Sun Jul 04, 2021 5:12 am

Re: SFTP using Expect - Bad protocol 2 host key algorithms

Post by Scott Klement »

My guess is that version of OpenSSH (the sftp program is part of the OpenSSH package) that you're running does not support that host key algorithm.

You make it sound like the problem is somehow related to Expect, and I don't understand how that could be. If you run the commands yourself at the command line, you don't get the same error?

Why are you specifying this host key algorithm?
kmm13
Posts: 2
Joined: Tue Oct 03, 2023 6:07 pm

Re: SFTP using Expect - Bad protocol 2 host key algorithms

Post by kmm13 »

Scott Klement wrote: Tue Oct 03, 2023 8:32 pm My guess is that version of OpenSSH (the sftp program is part of the OpenSSH package) that you're running does not support that host key algorithm.

You make it sound like the problem is somehow related to Expect, and I don't understand how that could be. If you run the commands yourself at the command line, you don't get the same error?

Why are you specifying this host key algorithm?
I specified the host key because the person that initially created the script had it in there, and it worked on two other systems without a problem. We tried it without "-oHostKeyAlgorithms=+ssh-dss" and the SFTP worked like a charm. Thank you for your help!
Scott Klement
Site Admin
Posts: 653
Joined: Sun Jul 04, 2021 5:12 am

Re: SFTP using Expect - Bad protocol 2 host key algorithms

Post by Scott Klement »

I don't have a problem with a host key?

Your issue is that telling it to use a particular algorithm for host keys that isn't available in the version of OpenSSH you're using. I was asking why.

You say "it worked on two other systems!" -- were they the same version of OpenSSH? I'm going to guess they were newer versions.
Post Reply