SOLVED On the origin of the “No supported key exchange algorithms” error message of sshd

sshd shuts down with “No supported key exchange algorithms” error; Dmitry Gladkov; in Server Fault; 2010-07-07.

Actualities

us
Feb 23 12:19:36 host.example.com sshd[967]: Server listening on 0.0.0.0 port 22.
Feb 23 12:19:36 host.example.com sshd[967]: Server listening on :: port 22.
Feb 23 12:19:56 host.example.com sshd[1361]: fatal: No supported key exchange algorithms [preauth]

Diagnosis

The ssh host key files are readable by more than merely the owner

Incorrect

$ ls -l /etc/ssh/ssh*key*
-rw-r-----. 1 root root  227 Feb 23 11:56 /etc/ssh/ssh_host_ecdsa_key
-rw-r--r--. 1 root root  162 Feb 23 11:56 /etc/ssh/ssh_host_ecdsa_key.pub
-rw-r-----. 1 root root  387 Feb 23 11:56 /etc/ssh/ssh_host_ed25519_key
-rw-r--r--. 1 root root   82 Feb 23 11:56 /etc/ssh/ssh_host_ed25519_key.pub
-rw-r-----. 1 root root 1675 Feb 23 11:56 /etc/ssh/ssh_host_rsa_key
-rw-r--r--. 1 root root  382 Feb 23 11:56 /etc/ssh/ssh_host_rsa_key.pub

Correct

$ ls -l /etc/ssh/ssh*key*
-rw-------. 1 root root  227 Feb 23 11:56 /etc/ssh/ssh_host_ecdsa_key
-rw-r--r--. 1 root root  162 Feb 23 11:56 /etc/ssh/ssh_host_ecdsa_key.pub
-rw-------. 1 root root  387 Feb 23 11:56 /etc/ssh/ssh_host_ed25519_key
-rw-r--r--. 1 root root   82 Feb 23 11:56 /etc/ssh/ssh_host_ed25519_key.pub
-rw-------. 1 root root 1675 Feb 23 11:56 /etc/ssh/ssh_host_rsa_key
-rw-r--r--. 1 root root  382 Feb 23 11:56 /etc/ssh/ssh_host_rsa_key.pub

Comments are closed.