doc:appunti:linux:sa:ssh_config
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| doc:appunti:linux:sa:ssh_config [2022/02/28 18:12] – [No matching key exchange method] niccolo | doc:appunti:linux:sa:ssh_config [2022/02/28 18:23] (current) – ["no matching host key type" and "no mutual signature algorithm"] niccolo | ||
|---|---|---|---|
| Line 21: | Line 21: | ||
| This will force the use of **diffie-hellman-group1-sha1** key exchange method, which is considered less secure nowday. | This will force the use of **diffie-hellman-group1-sha1** key exchange method, which is considered less secure nowday. | ||
| - | ===== no mutual signature algorithm ===== | + | ===== "no matching host key type" and "no mutual signature algorithm" |
| + | |||
| + | Problem connecting from an Android environment with **Termux version 0.118.0** (February 2022) to an old **Debian 6 Squeeze**: | ||
| + | |||
| + | < | ||
| + | Unable to negotiate with 192.168.0.250 port 22: | ||
| + | no matching host key type found. Their offer: ssh-rsa, | ||
| + | </ | ||
| + | |||
| + | So the first option to add is **HostKeyAlgorithms**, | ||
| + | |||
| + | < | ||
| + | debug1: send_pubkey_test: | ||
| + | debug1: No more authentication methods to try. | ||
| + | root@192.168.0.250: | ||
| + | </ | ||
| + | |||
| + | So also the **PubkeyAcceptedKeyTypes** is required: | ||
| + | |||
| + | < | ||
| + | ssh -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa root@192.168.0.250 | ||
| + | </ | ||
doc/appunti/linux/sa/ssh_config.1646068349.txt.gz · Last modified: 2022/02/28 18:12 by niccolo