Backlog Git-SSH enables new public key and key exchange algorithms

We’re enabling a new public key type and a new key exchange algorithm for Backlog. In addition, we’re disabling an old key exchange algorithm.

Key changes in Backlog

Starting November 1st, 2018, our Git servers will:

– Support the new public key type “Ed25519”
– Support the new key exchange algorithm “”
– Disable the key exchange algorithm “diffie-hellman-group-exchange-sha256”

New public key type

After the update, you will be able to register an Edwards-curve Digital Signature Algorithm (EdDSA) public key as your SSH public key on Backlog. You can also continue to use all your SSH public keys that you have already registered.

Public key type At present After update
DSA (ssh-dss) X X
RSA (ssh-rsa) X X
ECDSA (ecdsa-sha2-nistp256) X X
ECDSA (ecdsa-sha2-nistp384) X X
ECDSA (ecdsa-sha2-nistp521) X X
Ed25519 (ssh-ed25519) X

Ed25519 is supported by OpenSSH 6.5 and later. It offers a better security with faster performance compared to DSA or ECDSA, so please use it.

New key exchange algorithms

After the update, we will support a new key exchange algorithm “” that is more secure than existing ones. Plus, we will disable the key exchange algorithm “diffie-hellman-group-exchange-sha256”.

If your client supports one or more of the following new algorithms, the client will automatically start to use them. However, if your client is set to use “diffie-hellman-group-exchange-sha256” or doesn’t support the new algorithms, the client will not connect to our Git servers.

Key Exchange Algorithm At present After update
diffie-hellman-group-exchange-sha256 X
diffie-hellman-group14-sha1 X X
ecdh-sha2-nistp256 X X
ecdh-sha2-nistp384 X X
ecdh-sha2-nistp521 X X X

How to check your client settings

Please check your client settings and its user manual about key exchange algorithms for SSH. If your client does not support the above new key exchange algorithms, please upgrade the client to the latest version. If your client is set to use diffie-hellman-group-exchange-sha256, please change your client setting.

Example: git command

git command uses OpenSSH for its SSH connection. If the following line is in your OpenSSH configuration file (ex. ~/.ssh/config.), your client uses diffie-hellman-group-exchange-sha256 only.

KexAlgorithms diffie-hellman-group-exchange-sha256

You can remove this line or add + just before diffie-hellman-group-exchange-sha256.

Update Plan

This update will happen across all Backlog spaces starting November 1st, 2018. We will notify you of all maintenance information on your Backlog Dashboard.

Gain skills, learn strategies, move projects forward

Collaborate and bring your projects to life with Nulab

Learn more