The new Integration FTP Agent (IG FTP) cannot connect to a SFTP server where the Server Host Key has been generated with RSA as host key algorithm.
The error in the Job Log is:
Connection attempt failed: Algorithm negotiation fail: algorithmName="server_host_key" jschProposal="rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521" serverProposal="ssh-rsa,ssh-dss"
Component: Integration FTP Agent
Version: 21.0.9 and superior
By default, ssh-rsa and ssh-dss are not enabled in the Integration FTP Agent as they were considered as insecure in since versions Openssh version 8.8 and superior.
This is explained here:
In order to enable in the new Integration FTP (IG_FTP) agent the old insecure host and public key algorithms and ciphers, you will need to modify the startup command in the service manager configuration file to the following:
java -Djsch.server_host_key=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss -Djsch.client_pubkey=ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss -Djsch.cipher=blowfish-cbc,3des-cbc,aes128-cbc,aes192-cbc,aes256-cbc,3des-ctr,aes128-ctr,aes192-ctr,aes256-ctc,arcfour,arcfour128,arcfour256 -jar ucxjftp.jar
You can check this post in the community where all the different parameters are explained in much more detail (all credits to Eric Lontz). Please note that a maximum of 512 characters can be used when starting the Agent via the Service Manager, so you may have to remove some of the different values so that it fits.
Other jsch startup options could include:
-Djsch.kex=
-Djsch.mac=
See more information about the consideration of ssh-rsa as insecure in latest versions of Openssh here:
https://www.endpointdev.com/blog/2023/04/ssh-host-key/