Fixes

No Matching Key Exchange Method Found on Mac? Here is How to Fix it

You might be getting the “No Matching Key Exchange Method Found” error on your Mac and if you are, you have come to the right place. In Unix World, SSH servers and clients are used in different forms and versions. OpenSSH is one of these and it allows you to securely login to a remote server.

The OpenSSH versions are updated quite often but clients might also be using older versions and the servers might be on different versions due to which this issue is being triggered.

No Matching Key Exchange Method Found
No Matching Key Exchange Method Found

Other times, the error entails “123.123.123.123 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1In this article, we have been able to fix this issue using different methods and steps that have been listed in detail below. Make sure to go through them and apply them on your Mac using the terminal to execute the commands that are listed.

Fixing the No Matching Key Exchange Method Found Issue:

Solution 1: Enable Older Key Exchange Methods

In some cases, the Older key exchange methods that are used by clients can be enabled by the server so that the “No Matching Key Exchange Method Found” error isn’t triggered anymore. Therefore, go through the following steps to reconfigure the SSH configuration file. For that:

  1. In your terminal, execute the following command to open the SSH configuration file using the NANO text editor.
    sudo nano etc /ssh /ssh_config
  2. Now, add the following lines to this OpenSSH configuration file to enable the older key exchange methods on this server.
    KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 Ciphers 3des-cbc,blowfish-cbc,aes128-cbc,aes128-ctr,aes256-ctr
  3. Execute the following command in order to save your changes and then regenerate the SSH keys.
    ssh-keygen -A
  4. After the key regeneration process finishes, restart the SSH daemon using the command below.
    service ssh restart
  5. Now, check to see if the “No Matching Key Exchange Method Found” issue has been fixed on your server.

Solution 2: Use PuTTY

PuTTY is an alternative SSH client that is comparatively better with key exchange methods, therefore, we recommend that you use that instead of the current client and check to see if the connection is made properly. In order to install PuTTY on your macOS or Linux, launch into the terminal and execute the following command.

sudo apt install putty

Solution 3: Enable SHA-1

It is possible that some connections are being made over the SHA-1 key exchange method and below, we have mentioned the workarounds that will allow you to be able to enable this again to fix the “No Matching Key Exchange Method Found” error. For that:

  1. In your terminal, execute the following command to open the SSH configuration file using the NANO text editor.
    sudo nano /etc /ssh /ssh_config
    Opening SSH File
    Opening SSH File
  2. From here, make sure to navigate through this file until you see the following line.
    #   MACs hmac-md5,hmac-sha1, umac-64@openssh.com,hmac-ripemd160
  3. From this line, remove the “#” symbol and replace the line with the following.
    MACs hmac-md5,hmac-sha1,hmac-sha2-256,umac-64@openssh.com,hmac-ripemd160
  4. After this, locate the following line and remove the “#” symbol from its start as well.
    #  Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
  5. Now, make sure to paste the following at the end of the configuration file.
    HostkeyAlgorithms ssh-dss,ssh-rsa
    KexAlgorithms +diffie-hellman-group1-sha1,diffie-hellman-group14-sha1
  6. Save your file and exit out of the Nano editor.
  7. Check to see if this has fixed the “No Matching key Exchange Method Found error“.

Note: Basically, what this has done is that it has enabled the SHA-1 protocol so that the clients that are on older Open SSH versions are able to connect with the server.

Make sure that you make a backup of this SSH configuration file because whenever the macOS is updated, this file will be overwritten. A backup can help you restore it without having to implement the above steps again.

If the issue is still persisting on your computer, contact us for further troubleshooting.

Alan Adams

Alan is a hardcore tech enthusiast that lives and breathes tech. When he is not indulged in playing the latest video games, he helps users with technical problems that they might run into. Alan is a Computer Science Graduate with a Masters in Data Science.
Back to top button