I have written an sFTP client in C++ using https://www.libssh.org/. I am using atmoz/sftp for testing purposes. I am running the container with the following command:

```
docker run \
  -d \
  --rm \
  -p 10001:22 \
  -v /home/me/somedir:/home/username/mount:ro \
  -v /home/me/somedir/ssh_host_rsa_key:/etc/ssh/ssh_host_rsa_key \
  -v /home/me/somedir/sshd_config:/etc/ssh/sshd_config:ro \
  -e SFTP_USERS=username:password:1001 \
  --name sftp-test-10001 \
  atmoz/sftp:latest
```

My sshd_config looks like this:
```
# Secure defaults
# See: https://stribika.github.io/2015/01/04/secure-secure-shell.html
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key

# Faster connection
# See: https://github.com/atmoz/sftp/issues/11
UseDNS no

# Limited access
PermitRootLogin no
X11Forwarding no
AllowTcpForwarding no

# Force sftp and chroot jail
Subsystem sftp internal-sftp
ForceCommand internal-sftp
ChrootDirectory %h

# Enable this for more logs
LogLevel VERBOSE

HostKeyAlgorithms +ssh-rsa
```

Note that I am specifying ssh-rsa and providing the key on purpose, since I am writing this client to integrate towards a legacy sFTP server. I am running into an issue where the server sporadically will not serve ssh-rsa for host key matching. libssh reports the following error: `kex error : no match for method server host key algo: server [rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519], client [ssh-rsa]`. I cannot reproduce this issue consistently, and thus I am grasping at straws.
Is there any case where the server will fail at providing the proper host-key? When looking at the verbose logs of the container, I do not see any errors related to this.
Do note that my test cases connect to the server multiple times. I have even tried to enter a small delay between these, to see if this was related to some resource constraint, but with no luck.
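
A diagnostic sketch for the failure described above, added here as an example (it is not code from the issue author, libssh or atmoz/sftp): it parses a server's cleartext SSH_MSG_KEXINIT so each test connection can log which host key algorithms were actually offered, and applies a simplified first-match rule to the client's list. The function names, the `SSH-2.0-kexprobe` banner and every sample name-list except the host key list from the quoted error are assumptions made for illustration.

```python
import socket, struct

def build_kexinit(name_lists):
    """Build a sample SSH_MSG_KEXINIT payload (RFC 4253, section 7.1)."""
    body = b"\x14" + bytes(16)  # message type 20, then a zeroed 16-byte cookie
    for names in name_lists:
        joined = ",".join(names).encode("ascii")
        body += struct.pack(">I", len(joined)) + joined
    return body + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Return the ten name-lists of a KEXINIT payload in wire order."""
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    offset, lists = 17, []
    for _ in range(10):
        if offset + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (length,) = struct.unpack_from(">I", payload, offset)
        offset += 4
        if offset + length > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[offset:offset + length].decode("ascii")
        lists.append(raw.split(",") if raw else [])
        offset += length
    return lists

def server_hostkey_algos(payload):
    return parse_kexinit(payload)[1]  # index 1 is server_host_key_algorithms

def pick_hostkey_algo(client, server):
    """Simplified RFC 4253 rule: first client algorithm the server also offers."""
    return next((a for a in client if a in server), None)

def read_server_kexinit(host, port, timeout=5.0):
    """Hypothetical live probe: fetch the server's cleartext KEXINIT payload."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        stream = sock.makefile("rb")
        line = stream.readline()
        while line and not line.startswith(b"SSH-"):
            line = stream.readline()
        sock.sendall(b"SSH-2.0-kexprobe\r\n")
        packet_len, pad_len = struct.unpack(">IB", stream.read(5))
        return stream.read(packet_len - 1)[:packet_len - 1 - pad_len]

# Constructed sample: host key list taken from the error in the issue, rest invented.
SAMPLE = [["curve25519-sha256"],
          ["rsa-sha2-512", "rsa-sha2-256", "ecdsa-sha2-nistp256", "ssh-ed25519"],
          ["aes128-ctr"], ["aes128-ctr"], ["hmac-sha2-256"], ["hmac-sha2-256"],
          ["none"], ["none"], [], []]
```

Calling `server_hostkey_algos(read_server_kexinit("127.0.0.1", 10001))` before each test connection records the offered list next to the container's log timestamps, so a connection that received a list without ssh-rsa can be matched to the sshd instance that produced it.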