# How to get KEX algorithm curve25519-sha256@libssh.org ?

## toralf

https://bettercrypto.org/static/applied-crypto-hardening.pdf mentioned at page 17 a "curve25519-sha256@libssh.org" - but this is unknown here at my x86 Gentoo :

```
n22 /etc/ssh # /etc/init.d/sshd start

Unsupported KEX algorithm "curve25519-sha256@libssh.org"

/etc/ssh/sshd_config line 35: Bad SSH2 KexAlgorithms 'curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1'.

 * ERROR: sshd failed to start

```

How to solve it ?

----------

## mancha

Hello.

The document is slightly misleading as it seems to suggest curve25519 support is available as of openssh 6.1. In reality, it is not yet supported in a point release.

I have ported upstream code to 6.3p1 and 6.4p1 which you're welcome to use:

openssh-6.3p1-curve25519.diff

openssh-6.4p1-curve25519.diff

--mancha

----------

## Gatak

 *mancha wrote:*   

> Hello.
> 
> The document is slightly misleading as it seems to suggest curve25519 support is available as of openssh 6.1. In reality, it is not yet supported in a point release.
> 
> I have ported upstream code to 6.3p1 and 6.4p1 which you're welcome to use:
> ...

 

Thanks. I'll try it out asap, probably over the weekend.

----------

