Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] rsync ssh error



Hi Chuck

The error you're getting, looks like it's because the client side no longer accepts ssh-rsa and ssh-dss as host key algorithms, due to security concerns. These methods have been deprecated because they are considered unsafe.

When you added -oHostKeyAlgorithms=+ssh-rsa to the command line, you are actually telling the SSH client to append ssh-rsa to the list of available algorithms. However, if the ssh-rsa method is explicitly disabled in your SSH client configuration, this won't help.

If I were you I would use a more secure algorithm on the server side. If you have access to the remote server, you could generate a new host key using a more secure algorithm like ecdsa or ed25519. This would involve changing the server's SSH configuration and possibly restarting the SSH service, so you'll need administrative access to the server.

If you don't have access to change the server's settings, you can try to override the default settings on your client machine. You can edit your SSH client's configuration file to accept the ssh-rsa or ssh-dss host key algorithm. Add this:

HostKeyAlgorithms ssh-rsa,ssh-dss

If you try to specify the host key algorithms on the command line instead, you should not use '+' because it means that ssh-rsa should be added to the end of the list of default algorithms. Instead, you should put it at the front of the list, to make it the preferred algorithm. 

rsync -uvptl -e "ssh -o HostKeyAlgorithms=ssh-rsa" <home>@192.81.129.86:/dicts/ddb/comments/comments.html $winD/docs/web/dicts/ddb/comments/

This tells the SSH client to use ssh-rsa as the host key algorithm when connecting to the server

Hope this helps

Cheers

Zuco

> On 20 Jun 2023, at 05:10, Charles Muller <acmuller@example.com> wrote:
> 
> For years, I've been running this script to download a comments file from my server to my local machine:
> 
> rsync  -uvptl -e ssh <home>@192.81.129.86:/dicts/ddb/comments/comments.html $winD/docs/web/dicts/ddb/comments/
> 
> The other day, I upgraded from Ubuntu 20.04 to 22.04.  Having done this, when I try to run this script, I get the following error message:
> 
> Unable to negotiate with 192.81.129.86 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
> rsync: connection unexpectedly closed (0 bytes received so far) [Receiver]
> 
> 
> The most common solution I found on the web was to add
> 
> -oHostKeyAlgorithms=+ssh-rsa
> 
> to the line, but that doesn't help.
> 
> BTW, it's a WSL installation.
> 
> 
> Regards,
> 
> Chuck
> 
> 
> ---------------------------
> A. Charles Muller, Professor
> 
> Buddhist Culture Research Center
> Musashino University
> 1-1-20 Shinmachi, Nishitokyo-shi
> Tokyo 202-8585, Japan
> Office Phone: 042-468-3145
> 
> (University of Tokyo, Professor Emeritus)
> Web Site: Resources for East Asian Language and Thought
> http://www.acmuller.net
> 
> Twitter: @ACharlesMuller
> 
> 



Home | Main Index | Thread Index