Intro

Have you ever tried to SSH to a network device and received the dreaded Unable to negotiate with <user> port 22: no matching key exchange method found. Their offer: <key-algorithm> . In this post ill cover how to work around this issue.

Key Algorithms

Specify the Key Algorithms with the -o KexAlgorithms= flag followed by a comma seperated list of algorithms.

flag
-o KexAlgorithms=diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

Ciphers

Specify the ciphers with the -c flag followed by a comma seperated list of ciphers. The ciphers should be listed in the prefered order.

flag
-c aes128-cbc,aes192-cbc,3des-cbc

Putting it all together.

cmd
ssh -o KexAlgorithms=diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 -c aes128-cbc,aes192-cbc,3des-cbc <user>@<host>

Outro

In this post, I covered how to configure SSH key algorithms and ciphers from the CLI. Future Brad, your welcome.

Tags

shell linux