doc:appunti:linux:sa:ssh_config
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revisionLast revisionBoth sides next revision | ||
| doc:appunti:linux:sa:ssh_config [2022/02/15 18:09] – [No matching key exchange method] niccolo | doc:appunti:linux:sa:ssh_config [2022/02/28 18:21] – [No mutual signature algorithm] niccolo | ||
|---|---|---|---|
| Line 20: | Line 20: | ||
| This will force the use of **diffie-hellman-group1-sha1** key exchange method, which is considered less secure nowday. | This will force the use of **diffie-hellman-group1-sha1** key exchange method, which is considered less secure nowday. | ||
| + | |||
| + | ===== "no matching host key type" and "no mutual signature algorithm" | ||
| + | |||
| + | Problem connecting from a modern (2022-02) **Termux** environment to an old **Debian 6 Squeeze**: | ||
| + | |||
| + | < | ||
| + | Unable to negotiate with 192.168.0.250 port 22: | ||
| + | no matching host key type found. Their offer: ssh-rsa, | ||
| + | </ | ||
| + | |||
| + | So the first option to add is **HostKeyAlgorithms**, | ||
| + | |||
| + | < | ||
| + | debug1: send_pubkey_test: | ||
| + | debug1: No more authentication methods to try. | ||
| + | root@192.168.0.250: | ||
| + | </ | ||
| + | |||
| + | So also the **PubkeyAcceptedKeyTypes** is required: | ||
| + | |||
| + | < | ||
| + | ssh -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa root@192.168.0.250 | ||
| + | </ | ||
doc/appunti/linux/sa/ssh_config.txt · Last modified: 2022/02/28 18:23 by niccolo