the ssh service at offers only the deprecated ssh-rsa HostKeyAlgorithm

Asked by dkg

Currently, an ssh client that deliberately drops `ssh-rsa` from its list of HostKeyAlgorithms as a conservative defense against known SHA1 attacks cannot connect to

The command line error for me shows:

    Unable to negotiate with port 22: no matching host key type found. Their offer: ssh-rsa

This is because the ssh service at offers only the `ssh-rsa` HostKeyAlgorithm, which is deprecated due to its reliance on SHA1:

(see: as an example)'s ssh service should provide a newer form of ssh host key. If you want to stick with RSA, there are several options that do not depend on SHA1, like rsa-sha2-512 or rsa-sha2-256. Or if you're ok with elliptic curves, you could offer ssh-ed25519. Or you could offer multiple host keys for the service.
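The negotiation failure described in the question, as an added example that is not part of the original post or of Launchpad's code: it parses the host key name-list from an SSH_MSG_KEXINIT payload (RFC 4253, section 7.1) and applies the client-preference rule to it. The payload builder, the function names and the sample algorithm lists are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20
# Name-list order in SSH_MSG_KEXINIT (RFC 4253, section 7.1).
FIELDS = ("kex", "host_key", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")
SHA1_BASED = {"ssh-rsa", "ssh-dss"}  # signature schemes that hash with SHA-1


def parse_kexinit(payload: bytes) -> dict:
    """Parse an SSH_MSG_KEXINIT payload into {field: [algorithm names]}."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, out = 17, {}  # skip message type (1 byte) and cookie (16 bytes)
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + n].decode("ascii")
        out[field] = raw.split(",") if raw else []
        pos += n
    return out


def negotiate_host_key(client_prefs, server_offer):
    """First client preference the server also offers, else None."""
    return next((a for a in client_prefs if a in server_offer), None)


def audit(payload: bytes, client_prefs) -> str:
    offer = parse_kexinit(payload)["host_key"]
    chosen = negotiate_host_key(client_prefs, offer)
    if chosen is None:
        return ("no matching host key type found. Their offer: "
                + ",".join(offer))
    weak = " (SHA-1 based)" if chosen in SHA1_BASED else ""
    return f"negotiated {chosen}{weak}"


def build_kexinit(host_key_algs):
    """Constructed sample payload; only the host key list is meaningful."""
    lists = ["curve25519-sha256", ",".join(host_key_algs),
             "aes256-ctr", "aes256-ctr", "hmac-sha2-256", "hmac-sha2-256",
             "none", "none", "", ""]
    body = b"".join(struct.pack(">I", len(s)) + s.encode() for s in lists)
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + body + b"\x00" + bytes(4)
```

Calling `audit(build_kexinit(["ssh-rsa"]), ["ssh-ed25519", "rsa-sha2-512", "rsa-sha2-256"])` reproduces the failure message from the question; adding `rsa-sha2-512` to the server's list makes the same client succeed.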

Colin Watson (cjwatson) said :

This is essentially similar to in many ways, but I agree it would in addition be wise to offer rsa-sha2-512 and/or rsa-sha2-256. I'll just link this to that bug, since requests for software changes should be tracked as bug reports rather than support requests.

Arthur Borsboom (arthurborsboom) said :


I'm running into the same issue.
I do see an answer, but no solution. :)

How did you deal with this issue?

Colin Watson (cjwatson) said :

We don't have a solution yet - it still needs some work in the upstream Twisted project.

Colin Watson (cjwatson) said :
#4 now supports rsa-sha2-256 and rsa-sha2-512; see
