Skip to Content

fatal: no matching mac found: unable to ssh due to strict cipher set for pci dss compliance on remote box

Q] Unable to remote servers which have strict ciphers enabled. On the target server’s side we see the error: "fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,[email protected] server hmac-sha2-512,hmac-sha2-256". 

Q] The following ciphers are enabled on my remote box and unable to ssh from ezeelogin ssh jumpbox

KexAlgorithms diffie-hellman-group-exchange-sha256
MACs hmac-sha2-512,hmac-sha2-256
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
It’s for PCI compliance

 

A]  Upgrade to ezeelogin version 7.2.6 and above.