How To Fix the “no hostkey alg” SSH Error Message on Older MacOSX
erics, April 9th, 2025 The included, MacOSX-native ssh binary does not support newer SHA2 keys, so it gets the dreaded “no hostkey alg” or “kex_exchange_identification: read: Connection reset by peer” errors. To troubleshoot, check the sshd logs:
|
1 |
sudo log stream --style syslog --predicate 'process == "sshd"' --info |
To fix that, install ssh via homebrew or macports and use that binary instead:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
shell> ssh myserver ls no hostkey alg shell> which ssh /usr/bin/ssh shell> find /opt -name ssh /opt/local/bin/ssh ... shell> /opt/local/bin/ssh -V OpenSSH_9.9p2, OpenSSL 3.4.1 11 Feb 2025 shell> /opt/local/bin/ssh myserver The authenticity of host 'myserver (1.2.3.4)' can't be established. ED25519 key fingerprint is SHA256:Mmx6y1Z/example+/sbw. This key is not known by any other names. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added 'myserver' (ED25519) to the list of known hosts. Activate the web console with: systemctl enable --now cockpit.socket Last login: Wed Apr 9 10:04:50 2025 from 4.5.6.7 shell> logout |
Categories: How-To's, Technology alg, Error, hostkey, howto, MacOS, macosx, no hostkey alg, ssh, tips
| 
No comments
