Unable to connect machines on different IP

[T-449]

I am trying to implement OpenSSH from the OQS project. Although it works fine on local host, I am getting errors when trying to run on different IPs. This is what I have done:

Assume that I am using KEX algorithm =frodokem-640-shake-sha256, HostKeyAlgorithms="ssh-dilithium5", PubkeyAcceptedKeyTypes ="ssh-dilithium5". I am running an Ubuntu 22.04(LTS) as the server and the same in a VM as the client.

I copied the server public key from the file ssh-dilithium5.pub and put it in the known hosts file of the client under a custom alias and the IP of the server and at the end I appended user@server(user and servers are the device names not the literals)

I copied the client public key from the file ssh-dilithium5.pub and put it in the authorised keys file of the server and appended user@server at the end

I run the server and the client and although the server key matches, the client fails to verify to the server. I have attached 2 images. One of them shows that the server has been verified whereas the other shows that the client has not.

I have followed the docs step by step but I didn't find any instructions regarding server-client connections other than local host

Shouldn't there be two public key files, one for the host/server and one for the client? -> I am not sure if the public key I am using for the client is the right one

[dstebila]

I am not certain, but it seems possible that SSH does not like it when you use the same key for both the client and the server. So that would be the first thing I'd change to see if it fixes the problem.

[T-449]

Thanks Douglas, but unfortunately, this fails too. I tried using rsa keys for the HostKeyAlgorithms and PubkeyAcceptedKeyTypes. I generated the pub/pvt key pairs using ssh-keygen separately in both devices and made changes to the known hosts and authorised keys files accordingly. But still the issue persists.

[dstebila]

I'm not sure I'll be able to help you then as I have not been very hands on with this code in a while. You could try comparing your sequence of operations with the ones in the Docker files for the OpenSSH demo in the OQS-demos repository, which should work correctly.