• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Mister PKI

SSL Certificates * SSL Tools * Certificate Decoder

  • Buy SSL Certificates
  • Blog
  • OpenSSL
  • Keytool
  • SSL Tools
  • Donate

SSH: No matching host key type found

April 19, 2023 by Mister PKI Leave a Comment

The purpose of this article is to demonstrate how to use ssh to remotely connect to an older linux host from a newer version of openssh when receiving the no matching host key type found error. The example in this article was used against an older RHEL 6.5 server.

If you attempt to ssh into an older operating system that doesn’t support modern key algorithms, you may encounter the following error:

Unable to negotiate with <ip address> port 22: no matching host key type found. Their offer: ssh-dss

This error message means that your version of openssh does not support ssh-dss (or whatever the stated algorithm is), and must be included in your ssh command.

To carry on and successfully connect, run the following command.

ssh -oHostKeyAlgorithms=+ssh-dss <user>@example.com

Again, note that ssh-dss is the algorithm in question here, but can be any algorithm. If RSA, then the algorithm will be ssh-rsa

Alternatively, you can edit the ~/.ssh/config file to include the host key algorithm so that you do not have to manually type it every time.

Host <host>
  HostName <host ip address>
  HostKeyAlgorithms=+ssh-dss

This may also be done in Putty if using Windows or if using the scp command on linux.

Conclusion

This article has demonstrated how to recover from the no matching host key type found when using ssh. Let us know in the comments if you have any questions. If this article was helpful, please read more of our content.

linux,  redhat,  ssh

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Popular Posts

PKCS12

openssl s_client

Keytool

Keytool list

ECDSA vs RSA

OpenSSL

PKCS7

Certificate Decoder

Buy SSL Certificates

The SSL Store

Comodo Store

Sectigo Store

RapidSSL

Recent Posts

  • SSH: No matching host key type found
  • pkcs12
  • Proxy Addresses Active Directory
  • Windows Private Key Permissions
  • Install .NET 3.5 on Windows Server 2019

Footer

  • Twitter
  • YouTube

Pages

  • About Mister PKI
  • Blog
  • Compare and Buy Affordable PKI Certificates
  • Contact Us
  • Full Disclosure
  • Privacy Policy
  • SSL Tools – Certificate Decoder and Certificate Checker

Copyright © 2023