• We did not send an email asking for donations - please read this post.

How to stop: Unable to negotiate with [MyIP] port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

FeddyWalrus

New Member
Joined
Nov 11, 2021
Messages
1
Reaction score
0
Credits
16
I have inherited an hosted Linux Server where all our Mails and other stuff are organized. With Debian Linux.

I assume he didnt touch anything for like 10 Years so its pretty old stuff.

Everytime I want to connect through SSH this phrase appears everytime:

Unable to negotiate with [MyIP] port 22: no matching key exchange method
found. Their offer: diffie-hellman-group1-sha1

I know the right command after this is:

ssh -oKexAlgorithms=diffie-hellman-group1-sha1 -c aes128-cbc [email protected][MyIP]

But what I really dont understand is why this exactly happens and what do I have to do that its stops to appear?

Is the SSH Version too old? Or can I Update my SSH without having login problems?

Is it Debian? And can I update my Debian through SSH/Bash?
 


f33dm3bits

Gold Member
Gold Supporter
Joined
Dec 11, 2019
Messages
4,944
Reaction score
3,589
Credits
36,026
It probably has to do with that your ssh client uses different KexAlgorithms and Ciphers (and or other encryption methods and such) by default because of the ssh version being newer on your client. Using the -o option force the client to connect with that specific KexAlogrithms and with the -c option the Ciphers. Then the server is able to understand the methods you are trying to make connection with so then you are able to connect. What Debian version is the server running currently?
 

jpnilson

Active Member
Joined
Jul 31, 2021
Messages
123
Reaction score
67
Credits
1,087
SHA1 was depreciated long ago. Most SSH clients use SHA2. You can probably still find a client that will talk SHA1. The better option would be to update what I am betting is open ssh except you said nothing had been touched in 10 years. I would do as little as possible for fear of breaking other things. I would be thinking about building a new system and migrating to it.
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Linux.org Hosting Donations
Consider making a donation

Members online


Top