SSH from RHEL 9 to RHEL 6 systems or 3rd party application services does not work due to SHA1 being disabled

Solution Verified - Updated -

Issue

  • Trying to open a SSH session from Red Hat Enterprise Linux 9 (RHEL 9) client to Red Hat Enterprise Linux 6 (RHEL 6) OpenSSH server fails with the following error message:

    ssh_dispatch_run_fatal: Connection to 1.2.3.4 port 22: error in libcrypto

    or

    Unable to negotiate with 1.2.3.4 port 22: no matching host key type found. Their offer: ssh-rsa

  • I use a 3rd party application service not providing strong algorithms but only SHA1-based algorithms, for example 3rd party GitBlit

Environment

  • Source System

    • Red Hat Enterprise Linux 9
      • DEFAULT crypto policy (or more strict)

  • Target system

    • Red Hat Enterprise Linux 6
      • openssh-server-5.3p1-124.el6_10.x86_64

    or

    • 3rd party application/services
      • Example: GitBlit as of Dec. 21, 2023

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content