Windows ssh stopped working with 3.x firmware

Technical Support for Routers
1

If you are still running GL iNet routers with firmware version 3.x and using Windows 10’s ssh to log into your routers, please be aware that the Windows 10 October 2024 patchset includes patch KB5044273, which updates ssh, and tightens security. This update breaks compatibility with the ssh server provided in GL iNet firmware version 3.x, resulting in this error message when attempting to connect.

Unable to negotiate with 192.168.8.1 port 22: no matching host key type found. Their offer: ssh-rsa

The workaround is:

ssh -oHostKeyAlgorithms=+ssh-rsa root@192.168.8.1

If you are using ssh keys, you need to use:

ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedAlgorithms=+ssh-rsa root@192.168.8.1

This can also be added to your .ssh\config file.

Host usb150
    Hostname 192.168.8.1
    User root
    HostKeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa

Per Microsoft’s notes, Windows 11 also received a similar upgrade this month in patch KB5044284.

2 Likes
3

Great finding, thanks for sharing!

4

Out of curiosity , since 3.x Is deprecated, why is this pinned?

5

Because some people still use 3.x and this information is useful for them.

The pin will be removed in a few days automatically.

1 Like
6

Although 3.x may be depreciated, there are many GL iNet users who continue to rely on it, as GL iNet reneged on their commitments to provide 4.x firmware for several models that were still under support long after 4.x was released.

Notably, GL iNet was selling new USB150 routers on their Amazon store as recently as May 2024. According to GL iNet's policy, all newly purchased routers from Amazon are covered by a 2-year warranty. Therefore, these USB150 routers should receive 3.x security updates until at least May 2026, provided GL iNet adheres to their stated policies.

References:

7

Because the Velica is stuck on 3.x and it's end of life is October 2026:

1 Like
8

Ah good to know. :+1: