A while ago I ran into an issue where I wasn’t able to SSH into a server due to:

Unable to negotiate with 10.123.123.123 port 22: no matching MAC found. Their offer: hmac-ripemd160,hmac-sha1

The solution, in my case, involved updating my local ssh config with the proper Message Authentication Codes (MACs), like this:

echo $(ssh -Q mac) | sed "s/ /,/g;s/^/MACs /" >> ~/.ssh/config

Your case may be slightly different, for instance involving Key Exchange Methods, Host Key Algorithms, or Ciphers. To cover all those scenarios you can update your config file as follows:

echo $(ssh -Q mac) | sed "s/ /,/g;s/^/MACs /" && echo $(ssh -Q key) | sed "s/ /,/g;s/^/HostKeyAlgorithms /" && echo $(ssh -Q kex) | sed "s/ /,/g;s/^/KexAlgorithms /" && echo $(ssh -Q cipher) | sed "s/ /,/g;s/^/cipher /" >> ~/.ssh/config
ErrorsScriptingUNIX/Linux
By Scripting, UNIX/LinuxLeave a Comment on SSH: no matching MAC found

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.