Ubuntu after upgrade - ssh exchange failed

Solution 1

This means the diffie-hellman-group1-sha1 is not present in the default set of key exchange algorithms.

To make the ssh option permanent, add the following to your ~/.ssh/config (or globally in /etc/ssh/ssh_config):

KexAlgorithms=+diffie-hellman-group1-sha1

Be careful about the Host, Match etc selective declarations while adding the directive if you want it globally as values inside those snippets apply to the mentioned set only. Whenever unsure, put it at the top.

Solution 2

Hi guys, this is what worked for me

Adding this line above to /etc/ssh/ssh_config

KexAlgorithms diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

Uncomment (Delete the #) this line Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc, then save the file and execute these commands ssh-keygen -A and service ssh restart.

If you did it well then you should be able to ssh without adding this -oKexAlgorithms=+diffie-hellman-group1-sha1 to the ssh command.
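An added example, not part of either answer: a small Python check that reads ssh_config text and reports each KexAlgorithms directive, the scope it sits in (global or a Host/Match block, the distinction Solution 1 warns about), and whether it turns on diffie-hellman-group1-sha1 for every host. The function name `audit_kex`, the field names and both sample configs are constructed for illustration.

```python
import re

LEGACY_KEX = {"diffie-hellman-group1-sha1"}  # the method discussed on this page
LINE = re.compile(r"^\s*(\w+)(?:\s*=\s*|\s+)(.*?)\s*$")  # "Key value" or "Key=value"
MODES = {"+": "append", "-": "remove", "^": "prepend"}  # no prefix replaces the list

def audit_kex(config_text):
    """List every KexAlgorithms directive with its scope and what it enables."""
    findings, scope = [], "global"
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        m = LINE.match(raw)
        if not m:  # blank lines and comments do not match
            continue
        key, value = m.group(1).lower(), m.group(2)
        if key in ("host", "match"):
            scope = f"{key} {value}"  # later directives apply to this block only
            continue
        if key != "kexalgorithms":
            continue
        mode = MODES.get(value[:1], "replace")
        names = value.lstrip("+-^").split(",")
        legacy = sorted(LEGACY_KEX.intersection(names)) if mode != "remove" else []
        findings.append({
            "line": line_no,
            "scope": scope,
            "mode": mode,
            "legacy": legacy,
            # True when the legacy method is offered to every server
            "all_hosts": bool(legacy) and scope in ("global", "host *"),
        })
    return findings

# Constructed sample: one list set for all hosts, as in Solution 2 (shortened)
GLOBAL_SAMPLE = """\
KexAlgorithms diffie-hellman-group1-sha1,ecdh-sha2-nistp256,diffie-hellman-group14-sha1
"""

# Constructed sample: defaults untouched, one method added for one host only
SCOPED_SAMPLE = """\
Host legacyhost
    KexAlgorithms=+diffie-hellman-group1-sha1
Host *
    ServerAliveInterval 60
"""

if __name__ == "__main__":
    for name, text in (("global", GLOBAL_SAMPLE), ("scoped", SCOPED_SAMPLE)):
        for finding in audit_kex(text):
            print(name, finding)
```

A finding with `mode` set to `replace` means the client's default list has been overridden, and `all_hosts` set to `True` means the legacy method is offered to every server rather than only the one that needs it.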

Author: user612336

Updated on September 18, 2022

Comments

  • user612336
    user612336 over 1 year

    I have a bit of a problem after upgrading Ubuntu from 14.04 to 16.04. I've tried to establish SSH connections with some servers through SSH, but after the upgrade in some cases I get this output:

    Unable to negotiate with 10.13.45.221 port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
    

    I know about adding this: ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@legacyhost

    But maybe there is another way to enable it globally and use only ssh user@host like in 14.04?

  • Thomas Ward
    Thomas Ward over 3 years
    This is basically what the original answer says, except that it leaves the defaults alone and simply adds one kex mechanism. Also, the 3des ciphers alone aren't needed - you simply need to only alter the KexAlgorithms - no need to alter the ciphers.