We're using PHPSecLib 1.0.23 in an application deployed at a customer site. The customer has recently removed several weaker algorithms from all of the ssh configs. PHPSecLib 1 doesn't seem to be able to connect. We do use v3 in our new application - and it works as expected (thanks PHPSecLib devs!). Their policy file is below.
Is there anyway to get v1.0.23 working here or are we out of luck?
mac = AEAD HMAC-SHA2-256 HMAC-SHA1 UMAC-128 HMAC-SHA2-384 HMAC-SHA2-512
group = X25519 X448 SECP256R1 SECP384R1 SECP521R1
FFDHE-2048 FFDHE-3072 FFDHE-4096 FFDHE-6144 FFDHE-8192
hash = SHA2-256 SHA2-384 SHA2-512 SHA3-256 SHA3-384 SHA3-512 SHA2-224 SHA1
sign = ECDSA-SHA3-256 ECDSA-SHA2-256 \
ECDSA-SHA3-384 ECDSA-SHA2-384 \
ECDSA-SHA3-512 ECDSA-SHA2-512 \
EDDSA-ED25519 EDDSA-ED448 \
RSA-PSS-SHA2-256 RSA-PSS-SHA2-384 RSA-PSS-SHA2-512 \
RSA-SHA3-256 RSA-SHA2-256 \
RSA-SHA3-384 RSA-SHA2-384 \
RSA-SHA3-512 RSA-SHA2-512 \
ECDSA-SHA2-224 RSA-PSS-SHA2-224 RSA-SHA2-224 \
ECDSA-SHA1 RSA-PSS-SHA1 RSA-SHA1
cipher = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 CAMELLIA-256-GCM \
AES-256-CTR AES-128-GCM AES-128-CCM \
CAMELLIA-128-GCM AES-128-CTR
cipher@TLS = AES-256-GCM AES-256-CCM CHACHA20-POLY1305 \
AES-128-GCM AES-128-CCM
key_exchange = ECDHE RSA DHE-RSA PSK DHE-PSK ECDHE-PSK ECDHE-GSS DHE-GSS
protocol@TLS = TLS1.3 TLS1.2 DTLS1.2
protocol@IKE = IKEv2
min_dh_size = 2048
min_dsa_size = 2048
min_rsa_size = 2048
sha1_in_certs = 1
arbitrary_dh_groups = 1
ssh_certs = 1
ssh_etm = 1