When profiling in MCU the following error is seen: Key exchange has timed out on host: ip address (4265596)

In this case the cause was that on the target system changes had been made to the sshd_config file to restrict certain MACs. For example:

tail sshd_config
# MACs
#hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-sha1-96,hmac-md5-96,hmac-sha2-256,hmac-sha256-96,hmac-sha2-512,hmac-sha2-512-96
Macs hmac-sha2-512,hmac-sha2-256,hmac-ripemd160

This config is commenting out all MACs except for  hmac-sha2-512,hmac-sha2-256,hmac-ripemd160

The MCU is looking for  hmac-md5 or hmac-sha1

The discrepancy can be seen in the MCU debug log files:

This is the line from the debug stderrout showing the issue:

** 13:03:01.307 SSH2Transport.disconnectInternal() : 'disconnect: No match in kex params 'mac-algorithms-cli2srv', our's: hmac-md5,hmac-sha1, peer's: hmac-sha2-512,hmac-sha2-256,hmac-ripemd160'

This is an MCU issue and Product Defect #753453 has been raised to address the issue in a future release.

In MCU 2.5.1 the only fix is to enable one of the MACs that MCU is looking for either hmac-md5 or hmac-sha1 in sshd_config.

* Update with regards to product defect 753453, code was added in MCU 2.5.2.19014 so that the MCU now supports hmac-sha2-256.