Howto resolve Algorithm negotiation failed issue on SSH

by Ramesh Natarajan on July 2, 2008

OpenSSH

 
While performing ssh from a local-host to a remote-host that are on different versions of ssh, it is possible that you may get “Algorithm negotiation failed” message.  In this post, I’ll explain how to resolve this issue from the ssh client.

 
1. Unable to ssh to remote-host: In this example, when trying to perform ssh from local-host to remote-host, we get the “Algorithm negotiation failed” error message as shown below. Please note that the local-host is running ssh2 client.

[local-host]$ ssh -l jsmith remote-host
warning: Authentication failed.
Disconnected; key exchange or algorithm negotiation failed (Algorithm negotiation failed.).

[local-host]$ ssh -V
ssh: SSH Secure Shell 3.2.9.1 (non-commercial version) on i686-pc-linux-gnu
[local-host]$ ls -l /usr/local/bin/ssh
lrwxrwxrwx  1 root root 4 Mar 10 22:04 /usr/local/bin/ssh -> ssh2

 
2. Get more debug information about the error message from SSH. Pass -v parameter to the ssh client to view additional debug information, which will help to troubleshoot this problem further as shown below.

[local-host]$ ssh -v -l jsmith remote-host
debug: SshConfig/sshconfig.c:2838/ssh2_parse_config_ext: Metaconfig parsing stopped at line 3.
debug: SshConfig/sshconfig.c:637/ssh_config_set_param_verbose: Setting variable 'VerboseMode' to 'FALSE'.
debug: SshConfig/sshconfig.c:3130/ssh_config_read_file_ext: Read 17 params from config file.
debug: Ssh2/ssh2.c:1707/main: User config file not found, using defaults. (Looked for '/home/jsmith/.ssh2/ssh2_config')
debug: Connecting to 192.168.101.107, port 22... (SOCKS not used)
debug: Ssh2Transport/trcommon.c:3676/ssh_tr_create: My version: SSH-1.99-3.2.9.1 SSH Secure Shell (non-commercial)
debug: client supports 2 auth methods: 'publickey,password'
debug: Ssh2Common/sshcommon.c:537/ssh_common_wrap: local ip = 192.168.1.2, local port = 59514
debug: Ssh2Common/sshcommon.c:539/ssh_common_wrap: remote ip = 192.168.1.3, remote port = 22
debug: SshConnection/sshconn.c:1945/ssh_conn_wrap: Wrapping...
debug: SshReadLine/sshreadline.c:2427/ssh_readline_eloop_initialize: Initializing ReadLine...
debug: Remote version: SSH-2.0-OpenSSH_5.0
debug: OpenSSH: Major: 5 Minor: 0 Revision: 0
debug: Ssh2Transport/trcommon.c:973/ssh_tr_input_version: All versions of OpenSSH handle kex guesses incorrectly.
debug: Ssh2Transport/trcommon.c:1116/ssh_tr_negotiate_one_alg: Algorithm negotiation failed for c_to_s_compr: client list: zlib vs. server list : none,zlib@openssh.com
debug: Ssh2Transport/trcommon.c:1116/ssh_tr_negotiate_one_alg: Algorithm negotiation failed for s_to_c_compr: client list: zlib vs. server list : none,zlib@openssh.com
debug: Ssh2Transport/trcommon.c:1367/ssh_tr_negotiate: lang s to c: `', lang c to s: `'
debug: Ssh2Common/sshcommon.c:169/ssh_common_disconnect: DISCONNECT received: Algorithm negotiation failed.
debug: SshReadLine/sshreadline.c:2485/ssh_readline_eloop_uninitialize: Uninitializing ReadLine...
warning: Authentication failed.
Disconnected; key exchange or algorithm negotiation failed (Algorithm negotiation failed.).
debug: Ssh2Common/sshcommon.c:662/ssh_common_destroy: Destroying SshCommon object.
debug: SshConnection/sshconn.c:1997/ssh_conn_destroy: Destroying SshConn object.

Based on this debug information message shown in the debug message: “Algorithm negotiation failed for s_to_c_compr: client list: zlib vs. server list : none,zlib@openssh.com“, it is very clear that the client (local-host) is using the zlib compression and the server (remote-host) is not using zlib.

 
3. Resolve the problem by connecting to remote-host SSH without compression. Pass the -o “Compression no” to the ssh client to resolve the problem, as shown below.

[local-host]$ ssh -o "Compression no" -l jsmith remote-host
jsmith@remote-host's password:
Last login: Wed Jun 25 17:06:31 2008 from 192.168.1.2

[remote-host]$ ssh -V
OpenSSH_5.0p1, OpenSSL 0.9.8g 19 Oct 2007

Now that you are connected without any issues after passing the -o “Compression no” parameter to the ssh client, you can notice that the remote-host is using openSSH which is different than the ssh that was running on the local-host, which was the reason for the algorithm negotiation failed issue.


Linux Sysadmin Course Linux provides several powerful administrative tools and utilities which will help you to manage your systems effectively. If you don’t know what these tools are and how to use them, you could be spending lot of time trying to perform even the basic administrative tasks. The focus of this course is to help you understand system administration tools, which will help you to become an effective Linux system administrator.
Get the Linux Sysadmin Course Now!

If you enjoyed this article, you might also like..

  1. 50 Linux Sysadmin Tutorials
  2. 50 Most Frequently Used Linux Commands (With Examples)
  3. Top 25 Best Linux Performance Monitoring and Debugging Tools
  4. Mommy, I found it! – 15 Practical Linux Find Command Examples
  5. Linux 101 Hacks 2nd Edition eBook Linux 101 Hacks Book

Bash 101 Hacks Book Sed and Awk 101 Hacks Book Nagios Core 3 Book Vim 101 Hacks Book

Tags: ,

{ 3 comments… read them below or add one }

1 Peter Quinn July 2, 2008 at 11:58 pm

Hi. I am a long time reader. I wanted to say that I like your blog and the layout.

Peter Quinn

2 paresh July 7, 2008 at 6:17 am

great guide.

3 A.R.M. January 23, 2010 at 1:27 am

Thanks a lot! This was a big help. I couldn’t connect to a server through SSH on MacSSH PPC for Mac OS 9; seems as if MacSSH PPC turns zlib compression on by default.

Leave a Comment

Previous post:

Next post: