Skip to Content

Fixing SSH “No Matching Host Key Type Found” Error

By: Author David Cao

Posted on Last updated:

0 Comments

Categories DevOps, Linux

To fix the “no matching host key type found” error in SSH, you need to modify your SSH client configuration to accept the host key types offered by the SSH server.

This error typically occurs when your SSH client does not support or is not configured to accept the host key types provided by the server.

Example error

Unable to negotiate with X.X.X.X port 22. no matching host key type found. Their offer: rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519.

Here’s a general approach to resolving this issue:

Temporarily Allow Key Type in Command

Specify the host key algorithms directly in your SSH command:

ssh -o HostkeyAlgorithms=+ssh-rsa,ssh-dss user@hostname

Or you can add these options to the SSH client configuration file.

Modify SSH Client Configuration file

To resolve SSH host key type errors, modify the SSH client configuration:

  1. Edit the SSH client configuration file. Use ~/.ssh/config for a specific user or /etc/ssh/ssh_config for system-wide settings.
  2. Add or modify the line with HostkeyAlgorithms followed by the required host key type. For example, HostkeyAlgorithms ssh-rsa.
  3. Save the file and retry the SSH connection to implement the changes.

 

Troubleshooting Steps

Identify Supported Key Types

List the key types your client supports using ssh -Q key

You can do this by running the following command in your terminal:

ssh -Q key

This will display a list of supported key types, such as ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519, etc.

Identify Server-Offered Key Types

Look at the error message you received (e.g., “no matching host key type found. Their offer: ssh-rsa,ssh-dss”). It should list the key types the server is offering.

Compare the Lists

Compare the key types from your client’s list with those offered by the server. Identify any matching key types. If there’s a match, ensure your SSH configuration is set to use one of these common key types.

Following these steps can help you modify your SSH client to accommodate the server’s host key types, resolving the error while considering security implications.

SSH Host key and How to Fix Remote Host Key Has Changed Error

Obtaining SSH Host Key Fingerprint in Linux

2 ways to Automatically Accept an SSH Host Key Fingerprint in Linux

15 SSH Best Practices Every Linux Admin Should Know

Understanding SSH config file with Examples

3 ways to fix SSH Permission denied (publickey)