December 8, 2022
How to Fix 'No Matching Host Key Type Found' on Mac

How to Fix 'No Matching Host Key Type Found' on Mac

Posted October 28, 2022 at 3:41pm by iClarified · 16232 views
These are instructions on how to fix the 'no matching host key type found' error message when trying to SSH on Mac.

When attempting to SSH into an older server using macOS, you may receive a ssh error message that reads something like:

Unable to negotiate with 123.123.123.123 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss

How to Fix 'No Matching Host Key Type Found' on Mac

For a successful connection, OpenSSH must have at least one mutually-supported choice for each parameter. If the client and server fail to agree on a mutual set of parameters then the connection will fail. In this case, the client and server were unable to agree on the host key algorithm type. The server offered ssh-rsa or ssh-dss which are supported by OpenSSH but no longer enabled by default due to security concerns.

The ssh-rsa signature scheme has been deprecated since OpenSSH 8.8 which was released on 2021-08-20.

In the SSH protocol, the "ssh-rsa" signature scheme uses the SHA-1 hash algorithm in conjunction with the RSA public key algorithm. It is now possible to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K.

If you have control of the server, you should upgrade your OpenSSH version; however, if you need immediate access to the server, there are a couple ways to resolve this...


EASIEST SOLUTION
Step One
Reattempt your SSH connection, adding the following to your command line:
-oHostKeyAlgorithms=+ssh-rsa

ie. ssh -oHostKeyAlgorithms=+ssh-rsa username@123.123.123.123

How to Fix 'No Matching Host Key Type Found' on Mac


Alternatively, you can follow these steps to make the option permanent...


PERMANENT SOLUTION
Step One
Open a new Terminal window.
How to Fix 'No Matching Host Key Type Found' on Mac

Step Two
Type sudo nano ~/.ssh/config, then enter your administrative password if prompted.
How to Fix 'No Matching Host Key Type Found' on Mac

Step Three
Add the following lines to the config file, replacing 123.123.123.123 with the IP of the server you are connecting to.

Host 123.123.123.123
HostKeyAlgorithms +ssh-rsa

How to Fix 'No Matching Host Key Type Found' on Mac

Step Four
Press Control+X to exit. Input Y when asked to ask save modified buffer.
How to Fix 'No Matching Host Key Type Found' on Mac

Hit Return to confirm the file name to write.
How to Fix 'No Matching Host Key Type Found' on Mac

Step Five
Now you can SSH into your server as normal.

ssh username@123.123.123.123

How to Fix 'No Matching Host Key Type Found' on Mac
Add Comment
Would you like to be notified when someone replies or adds a new comment?
Yes (All Threads)
Yes (This Thread Only)
No
iClarified Icon
Notifications
Would you like to be notified when we post a new Apple news article or tutorial?
Yes
No
You must login or register to add a comment...
jbroome
jbroome - October 31, 2022 at 3:10pm
I needed both of these to get in on my old OS host with key-only auth. HostKeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa
Recent. Read the latest Apple News.
RECENT
Tutorials. Help is here.
TUTORIALS
How to Create a Bootable macOS Ventura USB Installer [Video]
How to Fix 'No Matching Host Key Type Found' on Mac
Where to Download macOS Ventura
AppleTV Firmware Download Locations
Where To Download iPhone Firmware Files From
Deals. Save on Apple devices and accessories.
DEALS