Skip to Content

Error: No Matching Host Key Type Found

How to solve Error: No Matching Host Key Type Found ?


Overview: This article helps to resolve the error No Matching Host Key Type Found  when trying to SSH into older OS vesrions.


When trying to SSH into an older OS versions, you might see an error message like the one in the screenshot below.

This issue arises because both the server and client must support and agree upon a common set of parameters to establish a successfull connection using OpenSSH. If there is a mismatch or disagreement on these parameters, the connection attempt will fail. The above error occurs because the server and client do not support the same type of host key. This often happens when the SSH server is newer than the SSH client being used.

The client only supports the “ssh-rsa” signature scheme, which is no longer supported by the server. This is because “ssh-rsa” was deprecated starting with OpenSSH version 8.8, released on August 20, 2021.

The simplest way to fix the error is to follow the steps below:

Step 1: Add the option -o to the command, like below:

ssh -p port_number username@ip_address -o HostKeyAlgorithms=+ssh-rsa

Example: ssh -p 2024 [email protected] -o HostKeyAlgorithms=+ssh-rsa

Step 2: If the problem is specific to one user, follow the below step

Add the following lines to /home/username/.ssh/config, replacing "192.168.1.10" with the actual IP address of the server you are trying to connect to. Then, try connecting to the server via SSH.

root@client:~# vi /home/user_name/.ssh/config

Host 192.168.1.10
HostKeyAlgorithms +ssh-rsa

Step 3: For a permanent fix, include the following lines in the ssh_config file.

root@client:~# nano /etc/ssh/sshd_config

HostKeyAlgorithms +ssh-rsa

Step 4: Save the file and restart the SSH service. Once done, you can SSH into the server as usual.

root@client:~# systemctl restart sshd


Related Articles:

userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms

no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]