diff --git a/src/twisted/conch/ssh/transport.py b/src/twisted/conch/ssh/transport.py
index 0028707c9a8..bd76b0a8459 100644
--- a/src/twisted/conch/ssh/transport.py
+++ b/src/twisted/conch/ssh/transport.py
@@ -1063,7 +1063,9 @@ def _getKey(self, c, sharedSecret, exchangeHash):
         k1 = hashProcessor(sharedSecret + exchangeHash + c + self.sessionID)
         k1 = k1.digest()
         k2 = hashProcessor(sharedSecret + exchangeHash + k1).digest()
-        return k1 + k2
+        k3 = hashProcessor(sharedSecret + exchangeHash + k1 + k2).digest()
+        k4 = hashProcessor(sharedSecret + exchangeHash + k1 + k2 + k3).digest()
+        return k1 + k2 + k3 + k4
 
 
     def _keySetup(self, sharedSecret, exchangeHash):
diff --git a/src/twisted/conch/test/test_transport.py b/src/twisted/conch/test/test_transport.py
index dbc2ec9bc00..98a3515a759 100644
--- a/src/twisted/conch/test/test_transport.py
+++ b/src/twisted/conch/test/test_transport.py
@@ -1238,7 +1238,10 @@ def test_getKey(self):
         k1 = self.hashProcessor(
             b'AB' + b'CD' + b'K' + self.proto.sessionID).digest()
         k2 = self.hashProcessor(b'ABCD' + k1).digest()
-        self.assertEqual(self.proto._getKey(b'K', b'AB', b'CD'), k1 + k2)
+        k3 = self.hashProcessor(b'ABCD' + k1 + k2).digest()
+        k4 = self.hashProcessor(b'ABCD' + k1 + k2 + k3).digest()
+        self.assertEqual(
+            self.proto._getKey(b'K', b'AB', b'CD'), k1 + k2 + k3 + k4)
 
 
 
diff --git a/src/twisted/newsfragments/8258.bugfix b/src/twisted/newsfragments/8258.bugfix
new file mode 100644
index 00000000000..f0af8f4196c
--- /dev/null
+++ b/src/twisted/newsfragments/8258.bugfix
@@ -0,0 +1 @@
+twisted.conch.ssh now generates correct keys when using hmac-sha2-512 with SHA1 based KEX algorithms.