SSH : no matching host key type found. Their offer: ssh-rsa,ssh-dss

[cshsoft]

Use ssh-keygen -t RSA to generate a key pair and add the public key to the account. No matching host key type found. Their offer: ssh-rsa, ssh-dSS

[flaix]

You are probably using the latest version of OpenSSH, e.g. 8.8. OpenSSH has removed ssh-rsa from its defaults.

As a workaround you can enable it in your SSH client. For example on the command line, add -oHostKeyAlgorithms=+ssh-rsa to the SSH command: ssh -oHostKeyAlgorithms=+ssh-rsa user@192.168.8.109.

This is not practical for Git usage, so you can change it in your config. Add a section for your Git server to your ~/.ssh/config file like so:

Host gitblit.example.com
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa

See also Atlassian's article for a longer explanation. This workaround is necessary until Gitblit updates the server side host key generation.

[cshsoft]

I've tried that, but I still failed

[flaix]

Which SSH are you using and on what OS version?

[cshsoft]

libssh2-1.10.0

[cshsoft]

The operating system is Window 10

[flaix]

Now I am confused. That library explicitly lists only ssh-rsa and ssh-dss as the supported hostkey types. Also there is nothing to the contrary in the changelog. Is this a private project or some public git client I could use for testing?

[cshsoft]

Private project, server for Gitblit, running fine on my desktop but reporting an error on my laptop，and found new error:

Failed to retrieve list of ssh authentication methods: Failed getting response

[flaix]

In that case I am not sure how to best help you now. At some point Gitblit will have to update the Host key types, for OpenSSH 8.8. But your case seems different, since your library states that it still supports ssh-rsa.

As you use the library in your code you ought to be able to change the configuration for your program and to debug the communication.

[andrm]

try this in .ssh/config: Host mygitblit.server.com PubKeyAcceptedKeyTypes +ssh-rsa

[Huihh]

You can adding the lines below into the Host xxx.xxx.xxx.xxx(server ip) section of your SSH configuration:

Windows systems, this file is located at %USERPROFILE%.ssh\config or $(git_install folder)\etc\ssh\ssh_config.

Host xxx.xxx.xxx.xxx (gitblit server ip) HostkeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa

good luck

[shreeramjoshi2000]

I used @flaix suggestion "ssh -oHostKeyAlgorithms=+ssh-rsa user@192.168.8.109." and it worked fine. But found that I had to always had to specify the HostKeyAlgorithms when ssh to the host. Will try @andrm method and will update this comment

[flaix]

While the original seems like a error on the client side, this was still an issue for people using OpenSSH 8.8. This has been fixed by supporting additional host key types in PR #1429

[jcasale]

@flaix Will this show up in the nightly? I looked at docker hub and it seems the nightly has not been updated for 7 months?

[flaix]

Yes, it should. The last nightly run failed to deploy to Docker Hub. I hope this one works, otherwise I have to make it work again.

[flaix]

@jcasale The last nightly successfully deployed to Docker Hub.