When connecting to an SSH server, you encounter:

```
$ ssh user@server.example.com
no matching MAC found. Their offer: hmac-sha1,hmac-md5
```

Or from the server logs:

```
sshd[12345]: no matching mac found: client hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com server hmac-sha1,hmac-md5
```

MAC (Message Authentication Code) algorithms ensure data integrity and authenticity. This error occurs when the client and server have no MAC algorithms in common.
Understand MAC Algorithms

SSH MACs verify that transmitted data hasn't been tampered with. Modern SSH prefers:

1. HMAC-SHA2-256/512 with ETM - Encrypt-then-MAC, most secure
2. HMAC-SHA2-256/512 - Standard SHA-256/512 based
3. UMAC-128 - Fast, modern MAC

Legacy systems might only offer:

1. HMAC-SHA1 - Deprecated due to collision concerns about SHA-1 (the HMAC construction itself does not depend on collision resistance, but SHA-1 is being retired everywhere)
2. HMAC-MD5 - Deprecated, cryptographically broken
3. HMAC-RIPEMD160 - Legacy algorithm
List Available MACs

Check what your client supports:

```
ssh -Q mac
```

Output:

```
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-sha2-256
hmac-sha2-512
umac-128-etm@openssh.com
umac-128@openssh.com
hmac-sha1
hmac-md5
```

Check the server's configured MACs:

```
sudo sshd -T | grep macs
```

Diagnose the Mismatch

Use verbose mode to see offered MACs:

```
ssh -vv user@server.example.com 2>&1 | grep -i mac
```

Look for lines like:

```
debug2: macs ctos: hmac-sha1,hmac-md5
debug2: macs stoc: hmac-sha1,hmac-md5
```

This shows the server only offers legacy MACs. Note that `ssh -vv` prints your own client's proposal as well as the peer's, so you will see two pairs of ctos/stoc lines; the pair listing only legacy algorithms is the server's.
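To see how the negotiation actually resolves (or fails), here is an added Python example that is not part of the original article and not OpenSSH code. It parses constructed `ssh -vv` lines in the format shown above and applies the rule from RFC 4253 section 7.1: the first algorithm on the client's list that the server also offers is chosen, independently for each direction. The debug excerpts, the `WEAK_MACS` set and the `CLIENT_SUPPORTED` list are constructed from the article's own lists; the `local client KEXINIT proposal` / `peer server KEXINIT proposal` markers are the labels ssh prints before each side's proposal.

```python
"""Simulate SSH MAC negotiation from ssh -vv debug output.

Added example; not code from the original article or from OpenSSH.
The debug lines are constructed to match the format shown above.
"""
import re

# MACs the article classifies as legacy / weak.
WEAK_MACS = {"hmac-md5", "hmac-sha1", "hmac-ripemd160"}

# `ssh -Q mac` output as listed in the article, used here as the client's
# preference order (strongest first) when suggesting an -m value.
CLIENT_SUPPORTED = [
    "hmac-sha2-256-etm@openssh.com", "hmac-sha2-512-etm@openssh.com",
    "hmac-sha2-256", "hmac-sha2-512",
    "umac-128-etm@openssh.com", "umac-128@openssh.com",
    "hmac-sha1", "hmac-md5",
]

# Constructed `ssh -vv` excerpt: ssh prints its own KEXINIT proposal first,
# then the peer's, so the parser tracks which proposal it is reading.
FAILING_SESSION = """\
debug2: local client KEXINIT proposal
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512
debug2: peer server KEXINIT proposal
debug2: MACs ctos: hmac-sha1,hmac-md5
debug2: MACs stoc: hmac-sha1,hmac-md5
"""

# Same server, but the client was started with `-m hmac-sha2-256,hmac-sha1`.
RETRY_SESSION = FAILING_SESSION.replace(
    "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512",
    "hmac-sha2-256,hmac-sha1")

# Tolerates both "MACs ctos:" (current) and older lowercase spellings.
MAC_LINE = re.compile(r"(?i)\bmacs?[ _](ctos|stoc):\s*(\S+)")


def parse_proposals(debug_output):
    """Return {"client": {"ctos": [...], "stoc": [...]}, "server": {...}}."""
    proposals = {"client": {}, "server": {}}
    side = None
    for line in debug_output.splitlines():
        if "local client KEXINIT proposal" in line:
            side = "client"
        elif "peer server KEXINIT proposal" in line:
            side = "server"
        match = MAC_LINE.search(line)
        if match and side:
            proposals[side][match.group(1).lower()] = match.group(2).split(",")
    return proposals


def negotiate(client_list, server_list):
    """RFC 4253 7.1: first algorithm in the client's list that the server offers."""
    offered = set(server_list)
    for mac in client_list:
        if mac in offered:
            return mac
    return None  # what ssh reports as "no matching MAC found"


def diagnose(debug_output):
    """Per direction: the MAC that would be chosen and whether it is weak."""
    proposals = parse_proposals(debug_output)
    report = {}
    for direction in ("ctos", "stoc"):
        server_offer = proposals["server"].get(direction, [])
        chosen = negotiate(proposals["client"].get(direction, []), server_offer)
        report[direction] = {
            "chosen": chosen,
            "weak": chosen in WEAK_MACS,
            "server_only_legacy": bool(server_offer)
            and all(m in WEAK_MACS for m in server_offer),
        }
    return report


def suggest_option(supported, offered):
    """Build the -m argument for a retry: the strongest MAC the client
    supports that the server also offers, or None if nothing overlaps."""
    best = negotiate(supported, offered)
    return None if best is None else "-m " + best


if __name__ == "__main__":
    print(diagnose(FAILING_SESSION))
    print(diagnose(RETRY_SESSION))
    server_ctos = parse_proposals(FAILING_SESSION)["server"]["ctos"]
    print("retry with:", suggest_option(CLIENT_SUPPORTED, server_ctos))
```

Running it against the failing excerpt reports no common MAC in either direction and flags that the server offers only legacy algorithms; against the retry excerpt it shows `hmac-sha1` being chosen and marked weak, which is the trade-off the rest of this article is about.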
Enable Legacy MACs Temporarily

To connect immediately, specify a compatible MAC:

```
ssh -m hmac-sha1 user@legacy-server.example.com
```

Or specify multiple MACs in preference order:

```
ssh -m hmac-sha2-256,hmac-sha1 user@legacy-server.example.com
```

For permanent configuration on that host, add to ~/.ssh/config:

```
Host legacy-server.example.com
    MACs hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1
```

Update Server MAC Configuration
On the server, update /etc/ssh/sshd_config:

```
sudo nano /etc/ssh/sshd_config
```

Add or modify the MACs line:

```
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128-etm@openssh.com
```

Include legacy MACs only if needed for old clients:

```
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-256,hmac-sha1
```

Restart SSHD:

```
sudo systemctl restart sshd
```

Check Client Configuration
Your client might have restrictive MAC settings. Check:

```
grep -i mac ~/.ssh/config
grep -i mac /etc/ssh/ssh_config
```

Look for lines like:

```
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
```

This restrictive setting won't work with legacy servers. Either comment it out or make it host-specific:

```
Host modern-server.example.com
    MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com

Host *
    MACs hmac-sha2-256,hmac-sha1
```

Keep in mind that ssh_config uses the first value it finds for each option, so the host-specific block must appear before `Host *` or it will never take effect.
Understand ETM vs MTE

ETM (Encrypt-then-MAC) is more secure than MTE (MAC-then-Encrypt):

- ETM - the MAC is computed over the ciphertext and verified before anything is decrypted
- MTE - the MAC is computed over the plaintext, so the receiver has to decrypt before it can verify, which leaves room for attacks

ETM MACs carry the -etm@openssh.com suffix:

```
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
umac-128-etm@openssh.com
```

Prefer ETM when both sides support it.
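To make the ordering difference concrete, here is an added Python example (not from the article, and not OpenSSH's implementation). Both constructions use real HMAC-SHA256 from the standard library, with a toy counter-mode keystream standing in for the cipher so the code runs offline; keys and the message are constructed test values. The `trace` list records which step the receiver performs first: under ETM a tampered packet is rejected before any decryption happens, under MTE the receiver must decrypt attacker-modified bytes first and only then discovers the tampering. Real OpenSSH ETM additionally sends the packet length unencrypted and includes it under the MAC, which this toy omits.

```python
"""Encrypt-then-MAC vs MAC-then-Encrypt on a toy SSH-like packet.

Added example, not from the original article or OpenSSH. The stream cipher
is a toy (HMAC-SHA256 in counter mode) chosen so the example runs offline;
the MAC is real HMAC-SHA256. Keys below are constructed test values.
"""
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output length


def keystream(key, nonce, length):
    """Toy counter-mode keystream; NOT a real SSH cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def etm_seal(enc_key, mac_key, seq, plaintext):
    """ETM sender: encrypt, then MAC over (sequence number || ciphertext)."""
    nonce = struct.pack(">I", seq)
    ct = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    return ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def etm_open(enc_key, mac_key, seq, packet, trace):
    """ETM receiver: verify first; decrypt only if the tag checks out."""
    nonce = struct.pack(">I", seq)
    ct, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    trace.append("verify")
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # rejected without touching the cipher
    trace.append("decrypt")
    return xor(ct, keystream(enc_key, nonce, len(ct)))


def mte_seal(enc_key, mac_key, seq, plaintext):
    """MTE sender (classic SSH): MAC over (sequence number || plaintext),
    appended unencrypted after the ciphertext."""
    nonce = struct.pack(">I", seq)
    ct = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    return ct + hmac.new(mac_key, nonce + plaintext, hashlib.sha256).digest()


def mte_open(enc_key, mac_key, seq, packet, trace):
    """MTE receiver: has to decrypt before it can verify anything."""
    nonce = struct.pack(">I", seq)
    ct, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    trace.append("decrypt")
    pt = xor(ct, keystream(enc_key, nonce, len(ct)))
    trace.append("verify")
    expected = hmac.new(mac_key, nonce + pt, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return pt


def receiver_steps(tamper):
    """Send one packet through both constructions and report, per scheme,
    the order of receiver steps and whether the packet was accepted."""
    enc_key, mac_key = b"constructed-enc-key", b"constructed-mac-key"  # test values
    msg, seq = b"exit\n", 7
    result = {}
    for name, seal, open_ in (("etm", etm_seal, etm_open), ("mte", mte_seal, mte_open)):
        packet = bytearray(seal(enc_key, mac_key, seq, msg))
        if tamper:
            packet[0] ^= 0x01  # flip one ciphertext bit in transit
        trace = []
        pt = open_(enc_key, mac_key, seq, bytes(packet), trace)
        result[name] = {"steps": trace, "accepted": pt == msg}
    return result


if __name__ == "__main__":
    print("intact:  ", receiver_steps(tamper=False))
    print("tampered:", receiver_steps(tamper=True))
```

Both schemes reject the modified packet, but only ETM does so without ever running the decryption step on attacker-controlled input; that is the property the article's advice to prefer `-etm@openssh.com` MACs is buying.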
Test MAC Negotiation

After changes, verify the negotiated MAC:

```
ssh -vv user@server.example.com 2>&1 | grep -i mac
```

Look for:

```
debug2: set_newkeys: setting up keys: hmac-sha2-256-etm@openssh.com
```

The `debug1: kex: server->client cipher: ... MAC: ...` and `client->server` lines also show the negotiated MAC for each direction.

Security Implications of Weak MACs
Using weak MACs has risks:

- hmac-md5 - Cryptographically broken, vulnerable to collisions
- hmac-sha1 - Theoretical collision attacks, deprecated in many contexts
- hmac-ripemd160 - Legacy, less studied

If you must enable these for legacy compatibility, restrict them to specific hosts:

```
# ~/.ssh/config
Host legacy-server.example.com
    MACs hmac-sha1

Host *
    MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
```
Combined Cipher and MAC Issues

Sometimes you get both cipher and MAC errors. Specify both:

```
ssh -c aes256-ctr -m hmac-sha1 user@legacy-server.example.com
```

In config:

```
Host ancient-server.example.com
    Ciphers aes256-ctr,aes128-ctr,aes256-cbc
    MACs hmac-sha1,hmac-md5
    KexAlgorithms diffie-hellman-group14-sha1
    HostKeyAlgorithms ssh-rsa
```

OpenSSH Version Compatibility
OpenSSH has evolved MAC defaults:
- OpenSSH 5.9+ - Added ETM MACs
- OpenSSH 6.2+ - hmac-md5 moved to legacy
- OpenSSH 7.6+ - hmac-sha1 moved to legacy
Check versions:

```
ssh -V
sshd -V
```

Verify Configuration Syntax
Test your SSHD config before restarting:

```
sudo sshd -t
```

If the MACs line has errors:

```
/etc/ssh/sshd_config line 42: Bad SSH2 mac spec 'hmac-sha3-256'
```

Fix the typo or remove unsupported algorithms.
Resolution Checklist

1. Check client MACs: `ssh -Q mac`
2. Identify server-offered MACs: `ssh -vv user@host 2>&1 | grep -i mac`
3. Specify a compatible MAC: `ssh -m mac_name user@host`
4. Update the server's MACs in sshd_config for a permanent fix
5. Use ETM MACs when possible for better security
6. Restrict legacy MACs to specific hosts in client config
MAC negotiation failures indicate significant version or configuration differences. Enable legacy MACs temporarily for access, but plan to upgrade outdated systems.