How to enable 'diffie-hellman-group1-sha1' on RHEL 9?

Solution Verified - Updated -

Issue

  • How to enable support for 'diffie-hellman-group1-sha1' so that RHEL8 and earlier ssh clients can connect using 'diffie-hellman-group1-sha1' key exchange algorithm ?

  • How to fix the issue reported for no matching key exchange method found on RHEL9 ?

    Oct  7 20:05:01 node1.example.com sshd[157274]: Unable to negotiate with client-ip [x.x.x.x] port 33580: no matching key exchange method found.    Their offer: diffie-hellman-group1-sha1 [preauth]

Oct  7 20:05:01 node1.example.com sshd[157278]: Unable to negotiate with client-ip [x.x.x.x] port 51923: no matching key exchange method found.    Their offer: diffie-hellman-group1-sha1 [preauth]

Environment

  • Red Hat Enterprise Linux 9.0
  • diffie-hellman-group1-sha1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content