SSH client and server cannot agree on an encryption algorithm. This occurs when connecting newer SSH clients to legacy servers, or when ciphers are disabled for security reasons.
This error means the SSH client and server cannot negotiate a common cipher (encryption algorithm) that both support. SSH requires both sides to agree on which encryption method to use for the connection. When they cannot find a match, the connection fails. This typically happens when one side has disabled older, less secure ciphers, or when there's a significant version mismatch between the client and server.
First, see what ciphers your SSH client supports:
ssh -Q cipher
This lists all available ciphers in priority order. Your system likely supports modern ciphers like aes256-ctr, aes128-ctr, or [email protected].
Attempt to connect using one of the modern ciphers supported by both client and server:
ssh -c aes256-ctr user@hostname
ssh -c aes128-ctr user@hostname
ssh -c [email protected] user@hostname
If one of these works, you've found a compatible cipher.
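To see which ciphers are shared before trying them one by one, this added example (not from the original page) intersects the client's cipher list with the server's offer as printed in the OpenSSH client error after "Their offer:". The sample error text, address and client list are constructed, and the function names are hypothetical.

```sh
#!/bin/sh

# Constructed sample of the OpenSSH client error (address and offer are made up).
SAMPLE_ERROR='Unable to negotiate with 192.0.2.10 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes256-cbc'

# Constructed stand-in for `ssh -Q cipher` output, so the example runs offline.
CLIENT_SAMPLE='3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
aes128-ctr
aes192-ctr
aes256-ctr'

# Print the server's offered ciphers, one per line, from the error text.
server_offer() {
    printf '%s\n' "$1" | sed -n 's/.*Their offer: *//p' | tr ',' '\n'
}

# Print ciphers found in both lists, in client order.
# $1 = client ciphers (newline-separated), $2 = error text
common_ciphers() {
    offer=$(server_offer "$2")
    printf '%s\n' "$1" | while IFS= read -r c; do
        [ -n "$c" ] || continue
        if printf '%s\n' "$offer" | grep -qxF -- "$c"; then
            printf '%s\n' "$c"
        fi
    done
}

# Label a cipher: CBC-mode and arcfour (RC4) are the legacy group.
classify() {
    case "$1" in
        *-cbc|arcfour*) echo legacy ;;
        *) echo modern ;;
    esac
}

# Print each shared cipher with its label.
report() {
    common_ciphers "$1" "$2" | while IFS= read -r c; do
        printf '%s %s\n' "$c" "$(classify "$c")"
    done
}

# On a real host, pass "$(ssh -Q cipher)" and the error text you received.
report "$CLIENT_SAMPLE" "$SAMPLE_ERROR"
```

With the constructed sample, every shared cipher is labelled legacy, which is the situation where upgrading the server is the real fix.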
If you need to connect regularly, add the server to your SSH config file at ~/.ssh/config:
Host problematic-server
    HostName hostname.example.com
    User yourusername
    Ciphers aes256-ctr,aes128-ctr
This allows seamless connections without specifying the cipher each time.
The best long-term solution is upgrading OpenSSH on the server:
Ubuntu/Debian:
sudo apt update
sudo apt upgrade openssh-server
CentOS/RHEL:
sudo yum update openssh-server
macOS:
brew upgrade openssh
After upgrading, restart the SSH service:
sudo systemctl restart sshd
If upgrading immediately isn't possible, you can temporarily re-enable deprecated ciphers on the server by editing /etc/ssh/sshd_config:
sudo nano /etc/ssh/sshd_config
Add or modify the Ciphers line:
Ciphers aes256-cbc,aes192-cbc,aes128-cbc,aes256-ctr,aes128-ctr
Then restart SSH:
sudo systemctl restart sshd
⚠️ Warning: Only enable legacy ciphers as a temporary fix. Older ciphers have known weaknesses. Upgrade the server as soon as feasible.
Modern OpenSSH versions (7.0+) disable weak ciphers by default for security. Ciphers like DES, 3DES, and RC4 are no longer available. If you control both systems, upgrade both to the same recent version of OpenSSH and use modern ciphers like ChaCha20-Poly1305 or AES-GCM. For enterprise environments, use Mozilla's OpenSSH hardening guidelines, which recommend [email protected], ecdh-sha2-nistp256, and [email protected] as key exchange and cipher algorithms. Rootless containers and isolated network environments may also enforce stricter cipher policies.