This page looks best with JavaScript enabled

Ssh Key Exchange

 ·  ☕ 1 min read

No matching key exchange

Somethimes you find this error when trying to connect to old devices

no matching key exchange method found.
Their offer: diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

The OpenSSH has a page dedicated to Legacy Options issues such as this one.

It suggests the following approach, on the client:

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 123.123.123.123

or more permanently, adding to ~/.ssh/config.

Host 123.123.123.123
    KexAlgorithms +diffie-hellman-group1-sha1

This will enable the old algorithms on the client, allowing it to connect to the server.

Update - Suggestions received in Comments

1

To apply to all hosts just use wildcard

Host *
    KexAlgorithms +diffie-hellman-group1-sha1 ....

copyleft 2021, No Rights Reserved