Can no longer ssh into router "no matching host key type found. Their offer: ssh-rsa"

I can no longer ssh into my GL-AR150 from a host that is connected through Ethernet to it’s LAN port. I’m trying to connect from a Windows client with cygwin installed:

$ ssh root@192.168.1.1
Unable to negotiate with 192.168.1.1 port 22: no matching host key type found. Their offer: ssh-rsa

$ ssh -V
OpenSSH_8.8p1, OpenSSL 1.1.1m  14 Dec 2021

$ ipconfig

Windows IP Configuration

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : lan
   Link-local IPv6 Address . . . . . : fe80::1469:b276:3858:a851%18
   IPv4 Address. . . . . . . . . . . : 192.168.1.128
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

The GL-AR150 acts as a router, has v3.203 firmware installed, factory reset, IP changed to 192.168.1.1 and is connected to a downstream WiFi network for internet access. Luci is also installed:

Powered by LuCI openwrt-19.07 branch (git-21.044.30835-34e0d65) / OpenWrt 19.07.7 r11306-c4a6851c72

Try downloading and using PuTTY (free) instead.

I do not work for and I do not have formal association with GL.iNet

1 Like

It has always worked with Cygwin’s openSSH. It’s only recently that this problem started.

I’m not sure why anyone still uses Putty or cygwin on current versions of Windows 10, as it comes with a great ssh client:

C:\> ssh -V
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
1 Like

I have used PuTTY for ~20 years. “If it ain’t broke don’t fix it”.

I do not work for and I do not have formal association with GL.iNet

I used Putty for many years until Windows included a good version of ssh. I try to load up as few apps on my system as I need to get my job done. We each have our own ideas, but I try not to recommend loading 3rd party apps to other users when the OS comes with a working version of the app.

Windows SSH is not installed by default. If possible, I try not to install more Windows optional “features” than necessary. When setting up a new Windows system, I uninstall unnecessary bloatware and when 3rd-party apps are better.

I do not work for and I do not have formal association with GL.iNet

Thank you for suggesting to use another or an older ssh client. I believe that something in openssh changed and that other clients may exhibit similar behavior in the future. I still hope that some other way could be found than using a different client.

Just as a FYI, the ssh client is installed by default in Windows 10 and 11. I know this as I reload Windows regularly on VMs for testing, and a quick Google search confirms this:

1 Like

XE300 with OpenWrt 19.07
Windows ssh works with it.

image

The Putty is easy for newbie, so I keep it on the docs. Some customers just want to type some commands.
For pro users, they don’t need to read the ssh docs :grinning:.
SSH on windows 10/11 is OK.

1 Like

I use the Cygwin ssh client as I like bash over cmd or powershell. YMMV
I get the same fairly easy to overcome, as below.
Simon@MSI ~
$

Simon@MSI ~
$

Simon@MSI ~
$ ssh root@10.101.16.1
Unable to negotiate with 10.101.16.1 port 22: no matching host key type found. Their offer: ssh-rsa

Simon@MSI ~
$ ssh -oHostKeyAlgorithms=+ssh-rsa root@10.101.16.1
root@10.101.16.1’s password:

You can permanently mod you Home directory ssh config quckest way using my example:
Simon@MSI ~
$ echo Host 10.101.16.1 >> .ssh/config

Simon@MSI ~
$ echo -e “\tHostKeyAlgorithms ssh-rsa” >> .ssh/config

Simon@MSI ~
$ ssh root@10.101.16.1
root@10.101.16.1’s password:

Simon

4 Likes

FYI, not for any of my Windows 10 systems … maybe for yours. I am happy with that.

I do not work for and I do not have formal association with GL.iNet

There are 13 “Windows 10” versions, all with install iso’s. SSH is included by default since 1803, from 2018! If you are using old iso’s to install then that is why. You should always use the latest Windows install iso anyway, which is 21H2.

And why not use Windows 11 in the first place? As stable as Windows 10 with better performance and new features.

I have no intention to migrate from Windows 10 to Windows 11. Nope, I should NOT always use the latest Windows, complete with new bugs. Windows 11 is not currently a mandatory update and I will deal with it if/when it becomes mandatory.

If you want to do that, that is okay with me. “If it ain’t broke don’t fix it”.

I do not work for and I do not have formal association with GL.iNet

20H2 is the oldest maintained version that is getting security fixes and other things. “Ain’t broke” > “Secure computer”, i guess that is fine, you do you. This is not recommended for anyone though. Windows 10 22H2 is also only supported until June 13, 2023, so you will need to go to Windows 11 soon anyway.

And back to the original issue. Yes SSH is included in the latest versions of Windows 10/11 when installed from an iso or other way. If you haven’t installed the PC since Win10 1803, then you manually need to install SSH.

I have until Oct 14, 2025 before having to go to Windows 11. In the meantime,I will install critical/mandatory Windows 10 security updates and patches (as I always have). Nope, I do not “need” to manually install SSH.

I do not work for and I do not have formal association with GL.iNet

In the same link, check the table under, End Date. It’s not guaranteed they will release a new version, and that version expires next year. :wink:

We already know you want to use Putty, while Kitty is better with automatic logon and so on, others might still want to use the built in SSH client.

In English “then you need to” has multiple meanings. Either YOU as an individual, or you as in users of the operating system that need to do something to be able to use something. I thought the meaning in this case was clear but seems like it wasn’t. Thanks for letting me expand on that to make it more clear.

Check the Important section at the top:

Microsoft will continue to support at least one Windows 10 release until October 14, 2025.

Yes, everyone can choose which software they want to use. That is what I indicated in Post 5, when eric stated “I’m not sure why anyone still uses Putty or cygwin on current versions of Windows 10”.

I do not work for and I do not have formal association with GL.iNet

In the same box you can see that updates are reduced to annual updates. That includes security patches, they won’t come as frequently as before.

You can also check your install updates for KB5005463, which is the Windows 11 PC check. Unless you are manually removing updates, you are slowly being pushed towards Windows 11 anyway.

And Eric is completely right. Why would people be using Putty when there is Kitty, or Cygwin when Windows has a built in client. No good reason is the answer.