Teleport proxy tunnel can not be established

[C-Logemann]

I just started to test teleport. Installing a test cluster and connect a test vm was very easy. Direct ssh connections are working. And I also got the VS code official remote setup running via tsh tunnel as its documented here:
https://goteleport.com/docs/server-access/guides/vscode/
Maybe the part where you can an need to deactivate "Use local server" is relevant.

The error console shows this error (anonymized):

[Info  - 22:52:46.266] Resolving ssh remote authority 'ssh-remote+sbridge.tptest.example.net' (attemp #1)
[Trace  - 22:52:46.282] Identity keys:
/Users/userexample/.tsh/keys/tptest.example.net/[email protected] ssh-rsa SHA256:sxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
[email protected] ssh-ed25519 SHA256:wlxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
[Trace  - 22:52:46.282] Spawning ProxyCommand: /usr/local/bin/tsh proxy ssh --cluster=tptest.example.net --proxy=tptest.example.net:443 [email protected]:3022
[Error  - 22:52:46.563] Error resolving authority
Error: Handshake failed: no matching host key format
	at u (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:370645)
	at doFatalError (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:371272)
	at Q (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:324638)
	at e.exports.j (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:345317)
	at NullDecipher.decrypt (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:284256)
	at e.exports.F [as _parse] (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:177925)
	at e.exports.parse (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:182312)
	at Duplexify.<anonymous> (/Users/userexample/.vscode-oss/extensions/jeanp413.open-remote-ssh-0.0.45-universal/out/extension.js:1:154578)
	at Duplexify.emit (node:events:517:28)
	at Duplexify.emit (node:domain:489:12)
	at addChunk (node:internal/streams/readable:335:12)
	at readableAddChunk (node:internal/streams/readable:308:9)
	at Readable.push (node:internal/streams/readable:245:10)
	at d._read (node:internal/streams/duplexify:348:16)
	at Socket.<anonymous> (node:internal/streams/duplexify:331:9)
	at Socket.emit (node:events:517:28)
	at Socket.emit (node:domain:489:12)
	at emitReadable_ (node:internal/streams/readable:601:12)
	at process.processTicksAndRejections (node:internal/process/task_queues:81:21)

(Edit: Replaced error code of a wrong proxy command based on error in a test situation with a working variant in context of direct ssh and vscode with microsoft remote plugin as described above)

[C-Logemann]

I forgot to mention that this is on MacOS 14.5.

[Crystal-RainSlide]

From the offical ssh config generated with tsh config, Teleport uses those host key algorithms:

HostKeyAlgorithms [email protected],[email protected],[email protected]

Which are certificate authentications. But ssh2 don't support that: mscdex/ssh2#551

VS code official remote is not suffering from this, just because they don't use ssh2 at all.