Please answer these questions before submitting your issue. Thanks!

1. What version of Go are you using (go version)?
   1.6.2
2. What operating system and processor architecture are you using (go env)?
   linux/amd64
3. What did you do?
   Set a custom callback for ClientConfig HostKeyCallback
4. What did you expect to see?
   My own error when creating a client connection that failed due to my HostKeyCallback.
   The server returns the error as-is
   https://github.com/golang/crypto/blob/master/ssh/server.go#L151
   I wrongly assumed my error would be passed through in a similar fashion to how Bolt's API works, so this isn't a bug/issue so much as it is a small feature request.
5. What did you see instead?
   A new "generic" error wrapped by fmt.Errorf
   https://github.com/golang/crypto/blob/master/ssh/client.go#L77

So currently in the error I return from my HostKeyCallback I set additional information I'd like to retrieve later when making a client connection. Currently this is difficult because the error is always wrapped by fmt.Errorf at the line above. I know I can set additional state in my function (maybe a map with a mutex) or run a regex against the returned error to see if it contains my error, but neither of those seemed very good.

My idea is to add a simple HandshakeError type that saves a reference to the original error and is returned in the client handshake (maybe the sever handshake too). Something like this
https://play.golang.org/p/EjM5ijecz3
There are already other Error types in that package, and this one would print the same output if someone was expecting it. Alternatively removing the fmt.Errorf call would work, and would match how the ssh server returns the error from its handshake, which ever is best.