Resolved: no matching host key type found. their offer ssh-rsa ssh-dss

Have you ever come across the error “no matching host key type found. Their offer: ssh-dss” while working in Git or SSH?

I will share my experience and will also let you know how to fix this error as well.

For Git

So, here’s the deal with SSH: there are different types of keys, right? The RSA keys, which are labeled as ssh-rsa, can use different signature types. Now, ssh-rsa usually means it’s using RSA with SHA-1. But there are other types like rsa-sha2-256 and rsa-sha2-512, where RSA is combined with SHA-256 and SHA-512, respectively.

The thing with Azure DevOps is, it only supports RSA with SHA-1. And here’s the kicker – SHA-1 is pretty weak in terms of security. This basically means that if you’re trying to connect to Azure DevOps over SSH, it’s not really secure. Until they update their system, you’re better off using HTTPS or maybe choosing a different hosting service. Other platforms like GitHub, GitLab, and Bitbucket, they all have more secure authentication methods.

If you absolutely have to use SSH with Azure DevOps for now, there’s a bit of a workaround. You can add some settings to your ~/.ssh/config file:

Host ssh.dev.azure.com
    User git
    PubkeyAcceptedAlgorithms +ssh-rsa
    HostkeyAlgorithms +ssh-rsa

But remember, this is just a temporary fix and it’s not super secure. It’s a good idea to reach out to Azure DevOps about this issue and maybe switch to HTTPS in the meantime, or even consider moving to a different service.

For SSH returns:

You need to include the option -oHostKeyAlgorithms=+ssh-dss in your SSH command. So, it would look like this:

ssh -oHostKeyAlgorithms=+ssh-dss [email protected]

You can replace with your IP.

You can simplify things by setting up a host pattern in your ~/.ssh/config file. This way, you won’t have to specify the key algorithm every time you connect. Here’s how you can do it:

Host nas
  HostName 192.168.8.109
  HostKeyAlgorithms=+ssh-dss

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top