While setting up a new Cisco Nexus N5K-C5596UP switch, I was getting the following error:

mmattox@a1ubthorp01:~$ ssh [email protected]
Unable to negotiate with port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss


This error is caused by the fact that the switch is using an outdated key algorithm in this case it is ssh-dss.

To properly fix this issue, I would need to update the switch to a newer release but the highest version that I have access to is n5000-uk9.7.3.7.N1.1b.bin.

So to workaround this issue we simply need to tell the OpenSSH client to use the ssh-dss key algorithm.

ssh -oHostKeyAlgorithms=+ssh-dss [email protected]

This will work as a one off fix but to make this a more permanent solution I would need to add the following to the ~/.ssh/config file:

Host san_switch