Have you ever come across the error “no matching host key type found. Their offer: ssh-dss” while working in Git or SSH?
I will share my experience and will also let you know how to fix this error as well.
For Git
So, here’s the deal with SSH: there are different types of keys, right? The RSA keys, which are labeled as ssh-rsa, can use different signature types. Now, ssh-rsa usually means it’s using RSA with SHA-1. But there are other types like rsa-sha2-256 and rsa-sha2-512, where RSA is combined with SHA-256 and SHA-512, respectively.
The thing with Azure DevOps is, it only supports RSA with SHA-1. And here’s the kicker – SHA-1 is pretty weak in terms of security. This basically means that if you’re trying to connect to Azure DevOps over SSH, it’s not really secure. Until they update their system, you’re better off using HTTPS or maybe choosing a different hosting service. Other platforms like GitHub, GitLab, and Bitbucket, they all have more secure authentication methods.
If you absolutely have to use SSH with Azure DevOps for now, there’s a bit of a workaround. You can add some settings to your ~/.ssh/config file:
Host ssh.dev.azure.com User git PubkeyAcceptedAlgorithms +ssh-rsa HostkeyAlgorithms +ssh-rsa
But remember, this is just a temporary fix and it’s not super secure. It’s a good idea to reach out to Azure DevOps about this issue and maybe switch to HTTPS in the meantime, or even consider moving to a different service.
For SSH returns:
You need to include the option -oHostKeyAlgorithms=+ssh-dss
in your SSH command. So, it would look like this:
ssh -oHostKeyAlgorithms=+ssh-dss [email protected]
You can replace with your IP.
You can simplify things by setting up a host pattern in your ~/.ssh/config
file. This way, you won’t have to specify the key algorithm every time you connect. Here’s how you can do it:
Host nas HostName 192.168.8.109 HostKeyAlgorithms=+ssh-dss