C25519 Is Not Allowed In Fips Mode
Issue
kex_gen_client: Key exchange type c25519 is not allowed in FIPS modeSolution
- Check the server for accepted KEX
ssh -Q kex contoso.com -p 22diffie-hellman-group1-sha1diffie-hellman-group14-sha1diffie-hellman-group14-sha256diffie-hellman-group16-sha512diffie-hellman-group18-sha512diffie-hellman-group-exchange-sha1diffie-hellman-group-exchange-sha256ecdh-sha2-nistp256ecdh-sha2-nistp384ecdh-sha2-nistp521curve25519-sha256curve25519-sha256@libssh.orgsntrup761x25519-sha512@openssh.com
- Omit the issue KEX, since you have working ones that can be used
ssh -o KexAlgorithms=-curve25519-sha256 contoso.com