We have upgrade our SFTP server to Redhat 8 with OpenSSH_8.0p1 server
+ FIPS is enabled as part of DoD compliance.
Our partner uploads data to us and they use edtFTPnet/PRO 188.8.131.52.
They can no longer connect to our SFTP server, we are seeing errors:
no matching host key type found. Their offer: ssh-dss,ssh-rsa
As best as I can tell, the culprit here is FIPS on our server, but we cannot disable FIPS, or we will be out of compliance with DoD security.
This worked fine with Redhat 6 as the server and edtFTPnet/PRO 184.108.40.206 as the client, but that is most likely because Redhat 6 had looser security controls and ciphers.
My understanding is that "ssh-dss,ssh-rsa" implies SHA-1 signatures, which FIPS will not allow.
Can you tell us if the user who uses edtFTPnet/PRO 220.127.116.11 as their client software:
1) needs to upgrade edtFTPnet/PRO
2) needs to generate a new keypair
4) Some other problem?