‘no matching mac found error‘ when I try to ssh

已于 2022-07-14 16:33:56 修改
阅读量1.4k 收藏
点赞数
分类专栏: 运维 文章标签: macos ssh 运维
于 2022-07-14 16:18:40 首次发布
原文链接:https://stackoverflow.com/questions/51501496/how-to-resolve-no-matching-mac-found-error-when-i-try-to-ssh
版权

I have struggled to this problem for decent time before understanding the basics and root cause. Sharing the experience so it can help someone.

I was trying to ssh to a target server and getting error like below

$ ssh -A <someTargetServerNameOrIP>
Unable to negotiate with XX.XX.XX.XX port 1234: no matching MAC found.   
Their offer:   
hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,
umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com

The root cause of this error is on your source machine the supported MAC doesnt contain the MAC from target server.

You are getting this error because the client and the server could not agree upon a hashing algorithm for message authentication code.

More information here: Debug SSH Connection issue in key exchange - Experiencing Technology

To see this run in command line on your machine

$ ssh -Q mac   # output would be something like
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
umac-64@openssh.com
umac-128@openssh.com

So now in order to connect to target server with their choice of mac which your server doesn't support you have to explicitly provide one of the mac supported by target server. For e.g. we take hmac-sha2-512 from the error message and try to connect, and it will be connected

$ ssh -m hmac-sha2-512 -A <someTargetServerNameOrIP>

Another variant of the problem is the mismatch in cipher which looks like below

$ ssh -A <someTargetServerNameOrIP>       
Unable to negotiate with XX.XX.XX.XX port 1234: no matching cipher found.   
Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

The root cause is mismatch of cipher

Check your supported cipher by

$ ssh -Q cipher   # output would be something like
3des-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com

 So now in order to connect to target server with their choice of cipher which your server doesnt support you have to explicitly provide one of the cipher supported by target server. For e.g. we take aes128-cbc from the error message and try to connect, and it will be connected

$ ssh -c aes128-cbc -A <someTargetServerNameOrIP>

More details on this can be found Specifying SSH connection parameters manually - Diego Assencio

no matching mac found
不务正业的猿
04-24 4100
报错信息 通过GUI提交代码时,突然报错,有点奇怪,之前都是没问题的。 报错信息: no matching mac found: client hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96 server hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-2
运维系列(亲测有效):关于重装VPS系统后,SSH登录的问题
weixin_54626591的博客
02-01 1066
关于重装VPS系统后,SSH登录的问题
ssh登录报no matching MAC found. Their offer: hmac-sha2-512异常
热门推荐
l434的博客
03-25 2万+
故障现象: ssh 111.111.111.111 Unable to negotiate with 111.111.111.111 port 22: no matching MAC found. Their offer: hmac-sha2-512,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@openssh.com 临时解决方法 ssh 111.111.111.111 -o macs=hmac-sha2-512 问题点:
no matching cipher found问题一次解决经历
最新发布
weixin_46161645的博客
02-15 284
以上内容在原配置文件中本来就有,可能只是注释掉了,修改的时候仔细核对下。解决方法是在“192-168-72-75”服务器上修改。本次问题解决纯属蒙对了,原理不清楚。
麒麟信安等服务器ssh问题no matching MAC found. Their offer: hmac-sha1-96,hmac-sha1,hmac-md5-96,hmac-md5
zzchances的博客
01-11 4058
国产服务器ssh连接失败问题
Cisco SSH_No matching mac found
网络工程技术小白
03-30 1274
关于Cisco交换机SSH远程 No matching MAC found
scp 遇到报错 no matching mac found: client hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ri
qq_37493884的博客
11-25 654
如题解决方法MACshmac-sha2-256512scp -oMACs=hmac-sha2-256,hmac-sha2-5121ctuser@10190.5046。
scp命令报错Unable to negotiate with 192.168.1.200 port 22: no matching MAC found. Their offer: hmac-sha1
他的博客
11-30 661
因为 SCP(Secure Copy Protocol)依赖 SSH 协议,而目标服务器的 SSH 配置仅支持 hmac-sha1。这种较旧的消息认证码(MAC)算法,而你的本地系统可能默认不再支持这种较不安全的算法。
no matching host key type found.
09-07
This error message usually occurs when the SSH client cannot find a matching host key type to use for authentication with the remote server. To resolve this issue, you can try one or more of the ...
揭示十年数据库经验,告诉你如何轻松应对常见问题(SQL 小虚竹)
小虚竹的专栏
04-06 5897
揭示十年数据库经验,告诉你如何轻松应对常见问题(SQL 小虚竹)
ssh 的参数 -o + 检查是否是无密码访问
10-24 2376
转自:http://blog.chinaunix.net/xmlrpc.php?r=blog/article&uid=29578485&id=5300984 写脚本想检查服务器之间是否建立了 公钥实现了无密码访问查找过程中找到了ssh 的一些参数,贴出来,怕下次找不到了这些参数可用在 ssh -o 后面 ,每个参数前面都必须有 -o脚本如下:ssh -o Num...
linux渗透测试常用命令
AI拉呱,专注于人工智与网络安全方面的研究,关注一起学习。
08-07 335
【代码】linux渗透测试常用命令。
升级macOS,git 报错no matching key exchange method found 解决方法
weixin_34268753的博客
09-23 563
2019独角兽企业重金招聘Python工程师标准>>> ...
No matching signing identity found 之 iOS真机调试
u011597585的专栏
03-03 1258
No matching signing identity found  No signing identities (i.e. certificate and private key pair) matching the value specified in your build settings, "Mac Developer:", were found.
Unable to negotiate with xxxxxx: no matching MAC found. Their offer: hmac-sha1
weixin_44245188的博客
10-11 438
添加了-o macs=hmac-sha1,就不报错啦,啦啦啦,开心,使用vscode连接远程服务器,能减少很多工作量,效率大大提升。在更新vscode后连接远程服务器一直在报错,卸载了vscode的版本还是报错,最终在连接服务器命令ssh XXX。
Unable to negotiate with xx.xx.xx.xx port 22: no matching MAC found. Their offer: hmac-sha1-96,hmac-
weixin_60189029的博客
10-14 496
先是删除了本机C:\Users\用户名\.ssh下的id_rsa, id_rsa.pub以及服务器上~/.ssh/authorized_keys。主机的C:\Users\用户名\.ssh下的config文件在目标服务器的设置下根据。C:\Users\用户名\.ssh\known_hosts 中对应服务器的条目。C:\Users\用户名\.ssh\config对应服务器目录下追加一行。重新生成文件,主机在目录C:\Users\用户名\.ssh命令行输入。文件里面的内容复制到服务器的 ~
scp或者ssh报错“no matching host key type found. Their offer: ssh-rsa,ssh-dss“
XXY2083123843的博客
12-19 1万+
scp或者ssh报错“no matching host key type found. Their offer: ssh-rsa,ssh-dss“
mac拉取git仓库报错
weixin_30980795的博客
04-11 329
git push github失败,提示:SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443 笔记 换sourcetree和git命令行提交都提交不了, 然后去网上根据这个错误提示搜了一下,发现是因为Git的Http代理的问题,Git支持三种协议:git://、ssh://和http://,本来push的时候应该走ssh隧道的,但是因为设置了http代理,所以就走了http的代理,于是就提交不了了。 OK,找到原因了,那就取消http
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值