Skip to main content

ssh login fails and gives Bad server host key: Invalid key length - Knowledgebase / General - NRAO Science Helpdesk

ssh login fails and gives Bad server host key: Invalid key length

Authors list

Symptom: ssh login to the DSOC/NMASC login machine (= login.aoc.nrao.edu, ssh.aoc.nrao.edu, or gygax.aoc.nrao.edu) fails with "Bad server host key: Invalid key length"

Cause: Your machine no longer trusts the oldest host key on the NRAO server, and rejects the connection instead of switching to one of the newer host keys being offered.

Solution: edit your .ssh/config file on your local machine: 

In a  terminal: 

1. cd ~/.ssh

2. ls to see if you have a config file already.  If you have a config file already, continue to setp 4. 

3. Create a text file called "config" using your preferred text editor

4.  Edit your config file to add the following: 

Host gygax.aoc.nrao.edu login.aoc.nrao.edu ssh.aoc.nrao.edu
    HostKeyAlgorithms ecdsa-sha2-nistp256

5. Save your edit. 

This should solve your login issues: if not, please submit a new helpdesk ticket.