Solved: ssh error no hostkey alg in Linux in RHEL 9 and in older versions.
By default, in RHEL 9, the older hosts can’t do the ssh directly.
This is disabled by default.
To enable this we need to update the crypto policies.
I. Error Message
[root@ngelinux001 ssh]# ssh RHEL9HOST no hostkey alg
II. Solution in case of RHEL 9
[root@ngelinux001 ssh]# update-crypto-policies --set DEFAULT:SHA1 Setting system policy to DEFAULT:SHA1 Note: System-wide crypto policies are applied on application start-up. It is recommended to restart the system for the change of policies to fully take place. [root@ngelinux001 ssh]#
III. Solution in case of older RHEL Versions
a. First Verify Permissions:
[root@ngelinux001 ssh]# ls -la /etc/ssh/ssh_host_*
-rw------- 1 root root 668 Feb 17 2017 /etc/ssh/ssh_host_dsa_key
-rw-r--r-- 1 root root 590 Feb 17 2017 /etc/ssh/ssh_host_dsa_key.pub
-rw------- 1 root root 963 Feb 17 2017 /etc/ssh/ssh_host_key
-rw-r--r-- 1 root root 627 Feb 17 2017 /etc/ssh/ssh_host_key.pub
-rw------- 1 root root 1675 Feb 21 11:48 /etc/ssh/ssh_host_rsa_key
-rw-r--r-- 1 root root 399 Feb 21 11:48 /etc/ssh/ssh_host_rsa_key.pub
b. Generate new DSA keypair in case it does not exists.
cd /etc/ssh
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
c. Mention new DSA key pair
vi /etc/ssh/sshd_config
Uncomment this line:
HostKey /etc/ssh/ssh_host_dsa_key
d. Change group and restart SSHD service
chgrp ssh_keys ssh_host_dsa_key
service sshd restart
Now you can retry the connection with the older client and check it should connect now.