ssh unable to negotiate - no matching key exchange method found

  • I am trying to log in to my DSL router, because I'm having trouble with command-line mail. I'm hoping to be able to reconfigure the router.

    When I give the ssh command, this is what happens:

    $ ssh [email protected]
    Unable to negotiate with port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1

    so then I looked at this stackexchange post, and modified my command to this, but I get a different problem, this time with the ciphers.

    $ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 [email protected]
    Unable to negotiate with port 22: no matching cipher found. Their offer: 3des-cbc

    so is there a command to offer 3des-cbc encryption? I'm not sure about 3des, like whether I want to add it permanently to my system.

    Is there a command to allow the 3des-cbc cipher?

    What is the problem here? It's not asking for password.

    Maybe it's is already answered here

    Ssh has a number of different encryption algorithms it can use, and there is no common one between your client and the server. Try using `ssh -o KexAlgorithms=diffe-hellman-group-sha1 [email protected]` to force your client to use an older, less secure algorithm, and see if there is more recent firmware for your router.

    `ssh -vvv ...` will reveal all key exchange and cipher protocols offered by the server.

  • a CVn

    a CVn Correct answer

    3 years ago

    This particular error happens while the encrypted channel is being set up. If your system and the remote system don't share at least one cipher, there is no cipher to agree on and no encrypted channel is possible. Usually SSH servers will offer a small handful of different ciphers in order to cater to different clients; I'm not sure why your server would be configured to only allow 3DES-CBC.

    Now, 3DES-CBC isn't terrible. It's slow, and it provides less security than some other algorithms, but it's not immediately breakable as long as the keys are selected properly. CBC itself has some issues when ciphertext can be modified in transit, but I strongly suspect that the resultant corruption would be rejected by SSH's HMAC, reducing impact. Bottom line, there are worse choices than 3DES-CBC, and there are better ones. However, always tread carefully when overriding security-related defaults, including cipher and key exchange algorithm choices. Those defaults are the defaults for a reason; some pretty smart people spent some brain power considering the options and determined that what was chosen as the defaults provide the best overall security versus performance trade-off.

    As you found out, you can use -c ... (or -oCiphers=...) to specify which cipher to offer from the client side. In this case adding -c 3des-cbc allows only 3DES-CBC from the client. Since this matches a cipher that the server offers, an encrypted channel can be established and the connection proceeds to the authentication phase.

    You can also add this to your personal ~/.ssh/config. To avoid making a global change to solve a local problem, you can put it in a Host stanza. For example, if your SSH config currently says (dummy example):

    Port 9922

    specifying a global default port of 9922 instead of the default 22, you can add a host stanza for the host that needs special configuration, and a global host stanza for the default case. That would become something like...

        Ciphers 3des-cbc
        KexAlgorithms +diffie-hellman-group1-sha1
    Host *
        Port 9922

    The indentation is optional, but I find it greatly enhances readability. Blank lines and lines starting with # are ignored.

    If you always (or mostly) log in as the same user on that system, you can also specify that username:

        Ciphers 3des-cbc
        KexAlgorithms +diffie-hellman-group1-sha1
        User enduser
    Host *
        Port 9922

    You don't need to add a Host * stanza if there was nothing in your ~/.ssh/config to begin with, as in that case only compiled-in or system-wide defaults (typically from /etc/ssh/ssh_config) would be used.

    At this point, the ssh command line to connect to this host reduces to simply

    $ ssh

    and all other users on your system, and connections to all other hosts from your system, are unaffected by the changes.

    In my case I had to remove the `Cipher` line, but then it worked! Thanks!

    According to the ssh_config man page (link) the config file syntax for the ciphers is "Cipher**s**" (note the trailing s).

License under CC-BY-SA with attribution

Content dated before 6/26/2020 9:53 AM