Tanzu for MySQL backup fails when Secure Copy Protocol (SCP) method is configured for backups with the error "handshake failed" error.

Upon checking the adbr-api logs from the MySQL ODB VM we can see the below error

[ERROR] 2025/09/01 06:00:07 list.go:74: failed to list backups for 5921c84f-eb02-4b34-92de-3a581d88blab: failed to ssh. Dial: ssh: handshake failed: ssh: no common algorithm for key exchange; client offered: [curve25519-sha256 [email protected] ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 diffie-hellman-group14-sha256 diffie-hellman-group14-shal ext-info-c [email protected]], server offered: [diffie-hellman-group-exchange-sha256 [email protected]]

This can happen if the client (in this case mysql) tries to connect to the server (backup server where the data copy is done using scp) with the key exchange algorithm which is not supported.

We need to add the below algorithm in the sshd_config file (/etc/ssh/sshd_config) on the server side (where the backup is stored)  as below:

KexAlgorithms curve25519-sha256,[email protected],ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-group-exchange-sha256

and then restart the sshd service using the command 

systemctl restart sshd 

systemctl status sshd