This error occurs when the SSH client and server cannot agree on a Message Authentication Code (MAC) algorithm during the connection negotiation phase. It happens when newer SSH clients attempt to connect to older servers, or when security policies have disabled certain algorithms.
SSH uses Message Authentication Codes (MACs) to verify data integrity and authenticity during encrypted communication. During the initial connection handshake, the client and server negotiate which MAC algorithm to use. If they have no mutually supported algorithms in common—either because the server offers only deprecated algorithms that the client has disabled by default, or the client requests algorithms the server doesn't support—the negotiation fails with this error. This is a security-by-design feature: OpenSSH actively disables weak algorithms to prevent potential attacks.
First, identify what MAC algorithms the server is offering. Look at the error message: it includes 'Their offer:', which lists the algorithms the server supports:

Unable to negotiate with server.example.com port 22: no matching MAC found. Their offer: hmac-sha1,hmac-sha1-96,hmac-md5

This tells you the server only supports weak or deprecated algorithms. You can also query your client's supported algorithms:

ssh -Q mac

This shows all MACs your SSH client supports (in preference order).
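As an added example (not part of the original article), the script below pulls the 'Their offer:' list out of the error text and picks the least-weak candidate to pass to -m. The preference order and the risk labels are assumptions of this example, and the error line is a constructed sample copied from the message quoted above.

```shell
#!/bin/sh
# Added example: parse the "no matching MAC found" error and pick the
# least-weak MAC the server offers. Not from the original article.

# Print the comma-separated list that follows "Their offer:" in an ssh error line.
offered_macs() {
    printf '%s\n' "$1" | sed -n 's/.*Their offer: *\([^ ]*\).*/\1/p'
}

# Defender preference order (assumption of this example): encrypt-then-MAC
# SHA-2 first, then plain SHA-2, then SHA-1, then 96-bit truncations, then MD5.
MAC_PREFERENCE='hmac-sha2-512-etm@openssh.com hmac-sha2-256-etm@openssh.com hmac-sha2-512 hmac-sha2-256 hmac-sha1 hmac-sha1-96 hmac-md5 hmac-md5-96'

# Print the first MAC in preference order that appears in the offer list ($1);
# print nothing and return 1 if none of the known names is offered.
preferred_mac() {
    _list=",$1,"
    for _m in $MAC_PREFERENCE; do
        case "$_list" in
            *",$_m,"*) printf '%s\n' "$_m"; return 0 ;;
        esac
    done
    return 1
}

# Rough risk label for a MAC name (assumption of this example).
mac_risk() {
    case "$1" in
        hmac-sha2-*-etm@openssh.com) echo "ok" ;;
        hmac-sha2-*)                 echo "acceptable" ;;
        hmac-sha1)                   echo "weak" ;;
        hmac-sha1-96|hmac-md5*)      echo "deprecated" ;;
        *)                           echo "unknown" ;;
    esac
}

# Constructed sample, mirroring the error quoted in the article.
SAMPLE_ERROR='Unable to negotiate with server.example.com port 22: no matching MAC found. Their offer: hmac-sha1,hmac-sha1-96,hmac-md5'

offer=$(offered_macs "$SAMPLE_ERROR")
if choice=$(preferred_mac "$offer"); then
    printf 'server offers: %s\nleast-weak choice: %s (%s)\ntry: ssh -m %s user@server.example.com\n' \
        "$offer" "$choice" "$(mac_risk "$choice")" "$choice"
else
    printf 'none of the offered MACs (%s) is in the preference list\n' "$offer"
fi
```

Run it after pasting a real error line into SAMPLE_ERROR; it prints the one MAC worth enabling rather than the whole offer, so the client-side exception stays as narrow as the server forces it to be.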
To quickly connect without modifying configuration, specify a compatible MAC algorithm on the command line:
ssh -m hmac-sha1 user@server.example.com

Replace hmac-sha1 with one of the algorithms from the server's offer. This is useful for occasional connections to legacy systems but not recommended for permanent setups.
You can also enable multiple algorithms:

ssh -m hmac-sha1,hmac-sha1-96 user@server.example.com

For permanent solutions, edit your SSH client config file. Create or edit ~/.ssh/config (Linux/Mac) or %userprofile%\.ssh\config (Windows):
Host legacy-server
HostName server.example.com
User myusername
MACs +hmac-sha1

The + prefix appends the algorithm to the default set (safer than replacing all algorithms). Connect using:

ssh legacy-server

For multiple weak algorithms:
Host legacy-server
HostName server.example.com
User myusername
MACs +hmac-sha1,hmac-sha1-96,hmac-md5
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-rsa

Note: You may also need to add KexAlgorithms and HostKeyAlgorithms if the server is very old.
If you need to connect to multiple legacy servers, you can update the global SSH client config in /etc/ssh/ssh_config (Linux/Mac, requires sudo), but a user-specific config keeps the exception narrower. For a specific group of weak servers, add at the end of ~/.ssh/config:
Host legacy-*
MACs +hmac-sha1,hmac-sha1-96
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-rsa

Then any host matching legacy-* will use these settings. For example:

ssh legacy-server1
ssh legacy-server2

This avoids applying weak algorithms globally and keeps them restricted to hosts that need them.
The best long-term solution is to upgrade the SSH server to a modern version that supports contemporary algorithms. On the remote server:
For Linux/Unix servers:
# Update system packages
sudo apt-get update && sudo apt-get upgrade # Debian/Ubuntu
sudo yum update -y # RHEL/CentOS
# Check OpenSSH version
ssh -V
# Update SSH server if available through package manager
sudo systemctl restart ssh # or sshd

For older systems that don't support modern MACs, consider upgrading to a current OS version. Most production servers should run:
- OpenSSH 7.4+ for basic support of modern algorithms
- OpenSSH 8.0+ for best security practices
This eliminates the need for client-side workarounds and improves overall security.
If you're using SCP or SFTP instead of interactive SSH, apply the same fixes. Note that scp and sftp do not accept the -m flag; pass the MAC as an ssh option with -o instead:
# One-time SCP with specific MAC
scp -o MACs=hmac-sha1 file.txt user@server.example.com:/destination/
# Using SSH config with Host entry
scp file.txt legacy-server:/destination/
# For SFTP
sftp -o MACs=hmac-sha1 user@server.example.com

SCP and SFTP use the same SSH protocol underneath, so algorithm negotiation rules are identical.
Advanced troubleshooting:
SSH Terrapin Attack (CVE-2023-48795): Modern OpenSSH disables certain algorithms due to this vulnerability. If a legacy server still uses them, it's at security risk. Consider isolating legacy systems on a separate network or using a bastion host.
Windows SSH Clients: Windows 10/11 native SSH (OpenSSH for Windows) has the same behavior as Linux OpenSSH. PuTTY may support more legacy algorithms—use it as a fallback if needed, but upgrade the server for production use.
Cisco/Fortinet/Network Equipment: Enterprise network equipment (switches, firewalls, load balancers) often lags behind on SSH updates. If connecting to such devices:
- Check the device manufacturer's documentation for supported algorithms
- Consider using a dedicated SSH config file with Host entries for these devices
- Some devices have "crypto policy" settings—check your vendor's security guidelines
Docker/Container Connectivity: If SSH issues occur inside containers, verify the container's OpenSSH package version. Update the base image or install a newer OpenSSH package.
Debugging: To see detailed negotiation logs, enable verbose mode:
ssh -vvv user@server.example.com

The output shows which algorithms the server offered and which ones your client rejected, helping you identify the exact algorithm to enable.
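The -vvv output is long, so as an added example (not from the original article) the script below reads a saved log, extracts the MAC proposals from the "local client KEXINIT proposal" and "peer server KEXINIT proposal" sections, and reports the overlap in the client's preference order, which is the order SSH uses when choosing. The log is a constructed sample in which a hardened client offers only SHA-2 MACs; a real log is produced with ssh -vvv host 2> ssh.log.

```shell
#!/bin/sh
# Added example: compare client and server MAC proposals from ssh -vvv output.
# Not from the original article.

# proposal_macs LOG SIDE DIR: print the MAC list for SIDE (local|peer) and
# DIR (ctos|stoc) from the KEXINIT sections of the verbose log in $1.
proposal_macs() {
    printf '%s\n' "$1" | awk -v side="$2" -v dir="$3" '
        BEGIN { want = dir ":" }
        /^debug2: local client KEXINIT proposal/ { cur = "local"; next }
        /^debug2: peer server KEXINIT proposal/  { cur = "peer";  next }
        cur == side && $2 == "MACs" && $3 == want { print $4; exit }
    '
}

# common_algos LIST1 LIST2: print the names of LIST1 that also occur in LIST2,
# keeping the order of LIST1 (comma-separated in and out).
common_algos() {
    _second=",$2,"
    _out=""
    _ifs=$IFS; IFS=,
    for _a in $1; do
        case "$_second" in *",$_a,"*) _out="${_out:+$_out,}$_a" ;; esac
    done
    IFS=$_ifs
    printf '%s\n' "$_out"
}

# explain_mac_failure LOG: show the negotiable MACs, or both proposals when
# there is no overlap. Returns 1 when negotiation could not succeed.
explain_mac_failure() {
    _client=$(proposal_macs "$1" local ctos)
    _server=$(proposal_macs "$1" peer ctos)
    _common=$(common_algos "$_client" "$_server")
    if [ -n "$_common" ]; then
        printf 'negotiable MACs (client order): %s\n' "$_common"
        return 0
    fi
    printf 'no common MAC\n  client offers: %s\n  server offers: %s\n' "$_client" "$_server"
    return 1
}

# Constructed sample log (trimmed to the relevant debug2 lines). The client is
# assumed to be hardened so that hmac-sha1 is not in its own proposal.
SAMPLE_LOG='debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,diffie-hellman-group14-sha256
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-512
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: MACs ctos: hmac-sha1,hmac-sha1-96,hmac-md5
debug2: MACs stoc: hmac-sha1,hmac-sha1-96,hmac-md5
Unable to negotiate with server.example.com port 22: no matching MAC found. Their offer: hmac-sha1,hmac-sha1-96,hmac-md5'

explain_mac_failure "$SAMPLE_LOG" || true
```

Feed it a real capture with explain_mac_failure "$(cat ssh.log)"; when the two lists do overlap but the connection still fails, the problem is in another algorithm class (KEX, host key or cipher), and the same awk pattern can be pointed at those debug2 lines.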