Can no longer SSH into RM2 - "no matching host key type found. Their offer: ssh-rsa"
jim9835 opened this issue · comments
@danielebruneo - thanks so much for your work to date, I've been using How-to-SSH-into-the-RM2 for a while without issue.
However, today I tried after updating my RM2 to the latest update, 2.10.2.356, and am now getting
Unable to negotiate with 10.11.99.1 port 22: no matching host key type found. Their offer: ssh-rsa
So am no longer able to SSH in to the RM2 and so can't install remarkable-hacks, which is a bit painful...
Can you help?
Sounds like the ssh host key of your rm2 was changed by the update.
You have to delete the ssh host key which is cached/saved on your local machine.
On Linux systems this cache resides in ~/.ssh/known_hosts and the key can be remove with the following command
ssh-keygen -R <hostname/ip-of-your-rm2>
Thanks for the quick response. I've had to clear known hosts before, but I seem to remember the error message being different.
Anyway, have tried your suggestion, a key has been removed from known_hosts, but am still getting the same error.
I had a look online and found various suggestions. The one that has worked I found here:
This worked:
sudo nano /etc/ssh/ssh_config
add to new empty line:
HostKeyAlgorithms ssh-rsa,ssh-dss
PubkeyAcceptedKeyTypes ssh-rsa,ssh-dss
I didn't need to to reload/restart SSHd.
FYI - I have a Manjaro Linux OS
Thanks for sharing the solution.
You can also set this ssh client option as command line paramter:
ssh -oHostKeyAlgorithms=+ssh-rsa root@<rm2_ip>
or set this option in the ssh user config file ~/.ssh/config
Host rm2
HostName <rm2_ip>
HostKeyAlgorithms=+ssh-rsa
btw. I think it might be sufficient if you would only ad ssh-rsa an not ssh-dss (because the latter is outdated and should be avoided).