SFTP: Connection is not using a post-quantum key exchange algorithm.

[bndt206]

I'm trying to set up sftp backup to replace googledrive.

Dest is a synology with sftp enabled on port 2222
I've created an rsa key and I can connect to the dest with winscp/sftp, from my PC.
The dest is pingable from the FW

However, I get the following error trying to connect from the FW.

"The following input errors were detected:
** WARNING: connection is not using a post-quantum key exchange algorithm. ** This session may be vulnerable to "store now, decrypt later" attacks. ** The server may need to be upgraded. See https://openssh.com/pq.html backup@prnnas02.xxxx.yyy: Permission denied (publickey,password). Connection closed[/i]"

What am I doing wrong?

/Peter

[meyergru]

See: https://www.openssh.org/pq.html

From openssh 10.1 on, this warning is given if the SSH server cannot provide a PQ key exchange mechanism. Obviously, your synology cannot do this or is not configured to do it. OpnSense uses openssh 10.2.

You can either try to configure the server to use these mechanisms, if available or choose to disable the warning in your client.

Other than that, it is only a warning.

What is more problematic is the permission denied error - the reason for that should be something else.