MacOS : Unable to negotiate with port 22: no matching cipher found

By | January 15, 2018

Having the following issue connecting to a device using SSH after upgrading to macOS High Sierra 10.13.2?

Unable to negotiate with port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,

This is an expected behavior if you attempt to connect to a legacy system or network device running older version of SSH.

To workaround this issue, you may enable the legacy ciphers of your SSH client. To do so, follow these easy steps :

1. Open the Terminal (Go > Utilities > Terminal)

2. Open the SSH client configuration file using a text editor with elevated privileges (this example assume that you are using Vim, you will be prompted for the admin/root password as well) :

3. Locate the “Ciphers” line (should be at #38) and uncomment (remove the # sign) :

4. Save the file and you should now be able to connect.


You may also continue to get additional message such as :

no matching host key type found. Their offer: ssh-dss

In that case, you may attempt to add “HostKeyAlgorithms” as suggested, for example :

Be Sociable, Share!