3

My customer has a legacy (old) SFTP client application that is used to upload files to an Ubuntu Server. Using version 20.04 LTS on the server this works just fine. However testing this to a 22.04 LTS server the connection fails and the server reports the following log message:

sshd[1490]: Unable to negotiate with XXX.XXX.XXX.XXX port 59993: no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]

I can connect with other clients (such as FileZilla) from the same client devices using the same credentials so I'm sure the issue is localized to the legacy client application.

I'm guessing that this issue is due to ssh-rsa being disabled by default in 22.04? I'm aware of the security issues, however in this case of I have no way to touch anything at the client end since the client is heavily integrated into their workflow.

Is there anyway to "re-enable" the support for SFTP that existed in 20.04 LTS at the server end? If so can you give me some guidance on the necessary steps.

Thanks in advance.

presto
  • 31

2 Answers2

5

I had the same issue trying to connect to Ubuntu 22.04 from a legacy SSH program (Apache Guacamole in my case). I fixed it by creating a custom conf file in the /etc/ssh/sshd_config.d/ directory containing the following two lines:

HostkeyAlgorithms ssh-dss,ssh-rsa
KexAlgorithms +diffie-hellman-group1-sha1

You could also just add those two lines to the sshd_config file, but I prefer to keep my customisation in a separate file.

Restart the sshd service after making the changes and it should work.

stuartm
  • 151
1

I also had the same issue when I upgraded from Ubuntu 20.04 to 22.04-- I had to use SFTP with an older IDE client (as well as creating an SSH tunnel for my MySQL client, Navicat), so I had to add this to my /etc/ssh/sshd_config file:

HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
KexAlgorithms diffie-hellman-group1-sha1,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
Ciphers 3des-cbc,aes128-cbc,aes128-ctr,aes256-ctr

Then restart sshd service

Thanks to @user68186 for this answer: Ubuntu 22.04 SSH the RSA key isn't working since upgrading from 20.04 which led me in the right direction.

Richard
  • 111