Fix PuTTY couldn’t agree a host key algorithm Error | Easy Steps

By Posted on

Fix PuTTY couldn't agree a host key algorithm Error | Easy Steps

Fix PuTTY couldn’t agree a host key algorithm Error | Easy Steps

This guide from Orcacore will walk you through how to fix the "PuTTY couldn’t agree a host key algorithm" error. This is a common problem faced by users trying to connect to remote servers, and we’ll provide practical solutions to resolve it.

PuTTY is a free and open-source terminal emulator, serial console, and network file transfer application. It supports several network protocols, including SSH, Telnet, rlogin, and SCP. It is primarily used to securely connect to remote servers over the internet or a local network. Its small size and portability made it a popular choice for users who need to access remote systems from various locations. For example, students or employees accessing university or company servers from home or public internet access points.

PuTTY’s strength lies in its SSH implementation, which provides an encrypted connection, protecting sensitive data transmitted between your computer and the remote server. This is especially important when dealing with confidential information or performing administrative tasks on a remote system. It’s a secure alternative to older protocols like Telnet, which transmit data in plain text, making them vulnerable to eavesdropping.

Host key algorithms are a crucial part of the SSH protocol, ensuring that you’re connecting to the correct server and not an imposter. These algorithms define the types of cryptographic keys used to identify and authenticate the server. When PuTTY and the server can’t agree on a common algorithm, the connection fails, resulting in the "PuTTY couldn’t agree a host key algorithm" error.

This error often arises when PuTTY’s configuration doesn’t include any of the host key algorithms supported by the server, or vice versa. It’s like trying to open a door with the wrong key – the connection simply won’t work. This can be frustrating, but fortunately, there are several ways to address this issue.

Putty often presents its users with a ‘Couldn’t Agree a Key Exchange Algorithm’ error when they try to connect to a remote server or EC2 instance. This advice won’t fix every occurrence of that fatal error, but it might just solve your issue.

Resolve PuTTY FATAL ERROR: Couldn’t agree on a host key algorithm

The most common reason why DevOps professionals encounter this error is that they’re using an outdated version of Putty. If you try to connect to a remote server or cloud-based resource with Putty 0.67 or older, you’re going to encounter this error message:

Fix PuTTy couldn't agree a host key algorithm Error

The first resolution is to try to download a new version of Putty. Always use the most up-to-date software when you connect to server-side resources. This helps protect you against software bugs that could compromise the security and confidentiality of your communications, and also avoid annoying, intermittent software errors like this one.

We also have a workaround if that cannot be done immediately. To workaround, update your Git Remote to use an HTTPS connection.

Alternative Solutions to "PuTTY couldn’t agree a host key algorithm" Error

While updating PuTTY is often the simplest and most effective solution, there are alternative approaches you can take to resolve the "PuTTY couldn’t agree a host key algorithm" error. Here are two additional methods:

1. Configuring PuTTY to Accept More Host Key Algorithms

PuTTY allows you to specify which host key algorithms it’s willing to accept. By default, it might not include all the algorithms supported by the server you’re trying to connect to. To address this, you can manually configure PuTTY to include a wider range of algorithms.

Here’s how:

  • Open PuTTY: Launch the PuTTY application on your computer.
  • Load Saved Session (Optional): If you have a saved session for the server you’re trying to connect to, load it. This will ensure that the changes you make are specific to that server.
  • Navigate to Connection -> SSH -> Kex: In the PuTTY configuration window, navigate to the "Connection" section, then "SSH," and finally "Kex" (Key Exchange).
  • Modify the Algorithm List: You’ll see a list of "Kex algorithms to be offered." This list determines the order in which PuTTY proposes key exchange algorithms to the server.
  • Add Missing Algorithms: If you know the server supports a particular algorithm that’s not in the list, add it. Common algorithms include diffie-hellman-group14-sha1, diffie-hellman-group-exchange-sha1, and ssh-rsa. You can add these by typing them into the list, separated by commas.
  • Prioritize Common Algorithms: Ensure that the most common and secure algorithms are at the top of the list. This increases the chances of a successful connection.
  • Save the Configuration: If you loaded a saved session, save the changes to the session. Otherwise, you can save the changes as the default settings for future connections.
  • Try Connecting Again: Attempt to connect to the server again. With the updated algorithm list, PuTTY should now be able to negotiate a compatible key exchange algorithm with the server.

Explanation:

This solution works by expanding the range of key exchange algorithms that PuTTY is willing to use. By including more algorithms in the list, you increase the likelihood that PuTTY and the server will find a common algorithm to use for the SSH connection.

2. Updating the Server’s SSH Configuration (If You Have Access)

If you have administrative access to the server you’re trying to connect to, you can modify its SSH configuration to support more modern and secure algorithms. This is a more advanced solution, but it can improve the security and compatibility of your server.

Here’s how:

  • Access the Server: Connect to the server using a different SSH client or through a console.
  • Locate the SSH Configuration File: The SSH configuration file is typically located at /etc/ssh/sshd_config on Linux systems.
  • Edit the Configuration File: Open the configuration file using a text editor with root privileges (e.g., sudo nano /etc/ssh/sshd_config).
  • Modify the KexAlgorithms Directive: Look for the KexAlgorithms directive in the configuration file. This directive specifies the key exchange algorithms that the server supports.
  • Add or Update Algorithms: Add or update the list of algorithms to include more modern and secure options. For example:
KexAlgorithms curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
  • Modify the HostKeyAlgorithms Directive: Similarly, look for the HostKeyAlgorithms directive and update it to include more modern host key algorithms:
HostKeyAlgorithms ssh-rsa,rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
  • Save the Configuration File: Save the changes to the configuration file.
  • Restart the SSH Service: Restart the SSH service to apply the changes. The command to restart the service varies depending on your operating system. For example, on Ubuntu, you can use:
sudo systemctl restart sshd
  • Try Connecting Again: Attempt to connect to the server using PuTTY. With the updated SSH configuration, the server should now be able to negotiate a compatible key exchange algorithm with PuTTY.

Explanation:

This solution involves modifying the server’s SSH configuration to support a wider range of key exchange and host key algorithms. By including more modern and secure algorithms, you not only improve the compatibility of the server with PuTTY but also enhance its overall security posture. However, this solution requires administrative access to the server and should be performed with caution, as incorrect configuration can disrupt SSH access.

These alternative solutions, along with updating PuTTY, offer a comprehensive approach to resolving the "PuTTY couldn’t agree a host key algorithm" error. By understanding the underlying causes of the error and applying the appropriate solution, you can ensure secure and reliable SSH connections to your remote servers. The key to solving "PuTTY couldn’t agree a host key algorithm" is understanding the communication requirements between your client and the server.

Conclusion

In conclusion, the “PuTTY couldn’t agree a host key algorithm” error can be fixed by enabling compatible host key algorithms in PuTTY’s settings or updating the server’s SSH configuration to support newer algorithms. This ensures secure and successful SSH connections between PuTTY and the remote server. If you are still facing issues with "PuTTY couldn’t agree a host key algorithm", double check your configuration and ensure that both the client and the server are using compatible algorithms.

Hope you enjoy it. Please subscribe to us on Facebook, Instagram, and YouTube.

You may also like to read the following articles:

Fix Windows 10 User Profile Service Failed After Reset

Fix Error SMTP Can Not Find Mail Address in Ubuntu

Key Steps To Fix Apache Shuts Down Unexpectedly

Resolve VMware Workstation Error Intel VT-x is disabled

Related posts:

Leave a Reply

Your email address will not be published. Required fields are marked *