Introduction

Have you ever tried to SSH to a network device and received the dreaded Unable to negotiate with <user> port 22: no matching key exchange method found. Their offer: <key-algorithm> . In this post ill cover how to work around this issue.

Key Algorithms

Specify the Key Algorithms with the -o KexAlgorithms= flag followed by a comma seperated list of algorithms.

flag

-o KexAlgorithms=diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    

Ciphers

Specify the ciphers with the -c flag followed by a comma seperated list of ciphers. The ciphers should be listed in the prefered order.

flag

-c aes128-cbc,aes192-cbc,3des-cbc
    

Putting it all together.

cmd

ssh -o KexAlgorithms=diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 -c aes128-cbc,aes192-cbc,3des-cbc <user>@<host>
    

Summary

In this post, I covered how to configure SSH key algorithms and ciphers from the CLI. Future Brad, your welcome.

Tags

shell linux