Describe the bug
libssh2 appears to be susceptible to "Terrapin attack" where MiTM attacker is able to tamper with the SSH early protocol exchange. https://terrapin-attack.com/

Expected behavior
libssh2 should preferably include support for "strict KEX" extension as defined in section 1.9 in https://github.com/openssh/openssh-portable/blob/8241b9c0529228b4b86d88b1a6076fb9f97e4a99/PROTOCOL#L140C1-L140C45