What I observed is that the entries in known_hosts created by ssh that are not supported contain a string ecdsa-sha2-nistp256 instead of ssh-rsa. Hashed entries with ssh-rsa are supported. readelf -d /usr/bin/x2goclient |does not show a dependency on libcrypto which contains the elliptic curve cryptography functions while readlef -d /usr/bin/ssh shows such a dependency.| Best regards Heinrich Schuchardt