What's Actually Happening
SSH needs to agree on a key exchange algorithm to establish an encrypted connection. If the client only offers algorithms the server doesn't support (or vice versa), the connection fails immediately.
This typically happens when: - You're using an old SSH client with a new, hardened server - You're using a new SSH client with an ancient server - Server has disabled legacy algorithms for security
The Error You'll See
$ ssh user@oldserver.example.com
Unable to negotiate with 192.168.1.100 port 22: no matching key exchange method found.
Their offer: diffie-hellman-group1-sha1,diffie-hellman-group14-sha1Or from the server side:
no matching key exchange method found: client ecdh-sha2-nistp256,ecdh-sha2-nistp384 server diffie-hellman-group1-sha1Why This Happens
OpenSSH continuously removes weak algorithms for security: - OpenSSH 7.6+: Removes diffie-hellman-group1-sha1 by default - OpenSSH 8.2+: Removes some RSA keys, prefers ED25519 - OpenSSH 9.0+: Removes more legacy algorithms
If your server still uses old algorithms and your client doesn't support them, you get this error.
Step 1: See What Algorithms Are Available
Check what the server offers:
# Use nmap to query SSH algorithms
nmap --script ssh2-enum-algos -p 22 server.example.comCheck what your client supports:
ssh -Q kex # Key exchange algorithms
ssh -Q cipher # Ciphers
ssh -Q mac # MAC algorithmsStep 2: Connect with Legacy Algorithm Support
For a one-time connection to an old server:
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@oldserver.example.comThe + prefix adds the algorithm to the client's default set.
For multiple legacy algorithms:
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1,diffie-hellman-group14-sha1 user@oldserver.example.comStep 3: Add to Client Config
For permanent support, add to ~/.ssh/config:
Host oldserver.example.com
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsaStep 4: Update the Server (Recommended)
If you control the server, update it to support modern algorithms:
```bash # Check OpenSSH version sshd -V
# On Ubuntu/Debian sudo apt-get update && sudo apt-get install openssh-server
# On RHEL/CentOS sudo yum update openssh-server ```
Then configure modern algorithms in /etc/ssh/sshd_config:
KexAlgorithms curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384
HostKeyAlgorithms ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-256,rsa-sha2-512Step 5: Generate Modern Host Keys
If the server's host keys are using old algorithms:
```bash # Generate ED25519 host key sudo ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""
# Generate RSA with SHA2 sudo ssh-keygen -t rsa -b 4096 -f /etc/ssh/ssh_host_rsa_key -N ""
# Restart sshd sudo systemctl restart sshd ```
Security Warning
Using legacy algorithms like diffie-hellman-group1-sha1 is insecure. Only use them as a temporary measure while upgrading the server. These algorithms are vulnerable to:
- Logjam attack
- State-level adversaries
- MITM with sufficient compute
Verify the Fix
```bash ssh -v user@server.example.com 2>&1 | grep kex
# Should see: debug1: kex: algorithm: curve25519-sha256 debug1: kex: host key algorithm: ssh-ed25519 ```