Versions Compared

Old Version 18

changes.mady.by.user Antonio Medač

Saved on

compared with

New Version 19

changes.mady.by.user Roman Harmata

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Generating a SSH Key in a Windows

...

 several old ssh exchange algorithms removed since Ubuntu 20.04 , so make sure to always use latest version of Putty. Otherwise you might experience errors while trying to connect.

Generating SSH key using Git SCM aka Git Bash

Download Git SCM from https://git-scm.com/download/win and install it.

Then follow pretty much same instructions as in GeneratingaSSHkeyonLinux

Note

Recommendation for Windows users - please make sure that your username provided to server is correct one.

For example user "Pišta Báčik" with username "bacikpis" with computer in XYZ domain will have username "XYZ+bacikpis" which is not gonna work.

There are at leat 2 ways how to make it work properly

  • Use always your username in SSH command during connecting to server as in example:

    Code Block
    bacikpis@server123...


  • Or you can configure SSH client to use certain username for any servers by default by configuring this into ~/.ssh/config file:

    Code Block
    Host *
  User bacikpis


Generating SSH key using Putty

...

Download PuTTY Key Generator (puttygen.exe) from official Putty home page https://www.putty.org/ and start it.

...

  1. Download PuTTY Key Generator
  2. Open the program and click on Conversion in top menu. Then choose Import key.
  3. Locate your key in your computer and click open.
  4. Once the key is loaded, you can save it as PPK file by clicking on Save Private Key or on Save Public Key if you want public version of your key.

Troubleshooting

Couldn't agree a key exchange algorithm

Symptoms

Otherwise you might experience errors while trying to connect.

Code Block
FATAL ERROR: Couldn't agree a key exchange algorithm (available: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256)

Root cause

Several old ssh exchange algorithms were removed since CentOS 8 and Ubuntu 20. Most probably you are using old SSH RSA key. Lets resolve it as described in next steps.

Solution

  • Make sure to always use latest version SSH client on your side (OpenSSH, Putty or other).
  • Make sure you have Ed25519 SSH key generated according to instructions.
  • Upload this new PUB key into portal - it will get distributed to your servers automatically, please be patient, it might take some time to replicate.

Workaround

Warning

This is NOT recommended for permanent use, it is only intended for emergency temporary use when you have other serious blockers/obstacles in you way and you are able to accept lower security standards.

If you accept temporarily lowering security standards, you can allow other ciphers in SSH config on server.