28

I have a working setup with Visual Studio 2022 17.3.6 on a Windows laptop and Mac M1 running macOS 12.6.1. When I run an Uno project or a Xamarin project it connects as expected to the Mac. I just upgraded the Mac to Ventura and am no longer able to connect. I understand the only thing that has changed is moving to Ventura, but am stuck on how to proceed.

The exact error is:

An error occurred while trying to establish an SSH connection with SSH keys to 'ip:22'

I have tried the following:

  • SSH from my laptop in Ubuntu for Windows- worked
  • SSH from another computer- worked
  • Verified Remote Login settings on Mac
  • Ran ssh username@macip 'ls' and it worked
  • Deleted %LOCALAPPDATA%\Xamarin\Monotouch - no change
  • Reviewed Visual Studio log- no additional information
  • Reviewed log on Mac and no additional information
TylerH
  • 20,799
  • 66
  • 75
  • 101
Jt5
  • 694
  • 5
  • 11
  • I simply upgraded my Visual Studio from I wanna say v17.4.x to v17.7.0 (both preview) and my SSH connection started working again. Like you it stopped working after I updated to Ventura on the Mac. In upgrading to Ventura I also updated Xcode and VS for Mac before I noticed SSH wasn't working anymore. – Urk Jun 01 '23 at 16:43

5 Answers5

40

One reason could be the fact that Ventura comes with OpenSSH_9.0p1. Starting with OpenSSH v8.8, RSA signatures using SHA-1 are disabled:

This release disables RSA signatures using the SHA-1 hash algorithm by default”.

Fix SSH(RSA SHA-1) not working in macOS Ventura

  1. edit /etc/ssh/sshd_config and save it:

    HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa

  2. reboot sshd

macOS Monterey and older versions used OpenSSH v8.6 or older, respectively.

TylerH
  • 20,799
  • 66
  • 75
  • 101
monagano
  • 416
  • 3
  • 2
  • I used this from https://superuser.com/questions/1488060/how-to-restart-ssh-service-on-macos :sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist sudo launchctl load -w /System/Library/LaunchDaemons/ssh.plist – Jt5 Oct 27 '22 at 19:00
  • 4
    Editing sshd_config [as monagano suggested](https://stackoverflow.com/questions/74215881/visual-studio-2022-wont-connect-via-ssh-on-macos-after-upgrading-to-ventura/74216924#74216924) should work, but if you have no permissions to edit sshd_config, try with `sudo nano -w /etc/ssh/sshd_config` I had to restart afterward, and then it worked. – Matthias Raymann Oct 27 '22 at 11:07
  • 6
    This didn't work until I deleted `%LOCALAPPDATA%\Xamarin\Monotouch` and then restarted visual studio 2022. – AlexPi Nov 03 '22 at 22:41
  • 1
    HostkeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa After adding this 2 lines also its not working. – Srinivas Ch Nov 04 '22 at 10:13
  • thanks, worked for me, after doing steps above + deleting %LOCALAPPDATA%\Xamarin\Monotouch path – Yevhenii Yerokhin Nov 04 '22 at 16:23
  • confirm that worked for me too: change the sshd_config + delete the LOCALAPPDATA – Matija M. Nov 07 '22 at 22:25
  • 1
    I edited the sshd_config file and put the two lines at the end of the file. I also rebooted the machine. After this, I get the error of "Couldn't retrieve SSH Fingerprint. Please ensure the host is reachable and Remote Login is enabled". I tried the troubleshooting here: https://learn.microsoft.com/en-us/xamarin/ios/get-started/installation/windows/connecting-to-mac/troubleshooting#Troubleshooting_Remote_Login , and when I get to the test the ssh portion I get this error: "kex_exchange_identification: read: Connection reset". Any suggestions? – Wade Baird Nov 08 '22 at 00:16
  • Worked for me as well after changing the sshd_config file, restarting the Mac, closing Visual Studio, deleting %LOCALAPPDATA%\Xamarin\Monotouch, starting Visual Studio again. – Vladimir Nov 14 '22 at 13:22
  • @WadeBaird Confirm that you do not have a typo in the changes that you made to your sshd_config file. In my case, I fat fingered it and entered `_ssh-rsa` instead of `+ssh-rsa` – Eltee Nov 17 '22 at 04:57
  • Obviously I was unable to read the instructions carefully...I added the two lines to _ssh_config_ instead of **sshd_config** file ...took me some time to figure that out. Thanks for the help! – gurkan Dec 02 '22 at 15:20
  • This fixed it for me, initially I put ras rather than rsa and then spent another hour trying other solutions before noticing my mistake. – Edamreed Dec 19 '22 at 11:32
2

I'd argue that a more appropriate fix would be to install a newer version of OpenSSH for Windows rather than re-enabling defunct RSA SHA-1 signatures on the Mac side. Granted, v9.1.0.0p1 was not available until December 2022 after other answers were posted:

  1. On the Windows machine, open "Optional features"
  2. Search for the "OpenSSH Client" and expand it
  3. Click the "Uninstall" button
  4. Download and install OpenSSH for Windows v9.1.0.0p1 or greater

I have found that Visual Studio will implicitly use the new version and you'll be able to connect to the Mac again.

Taylor Buchanan
  • 4,155
  • 1
  • 28
  • 40
  • 1
    Taylor Buchanan's answer should be #1 answer. (most other answers downgrade security on the Mac, which is not what you want). Additional remark: you can use winget to install the latest openssh: https://github.com/PowerShell/Win32-OpenSSH/wiki/Install-Win32-OpenSSH – Erwin van Dijk May 15 '23 at 12:57
1

I've tried @monogano answer and it dit not work for me.

I've added the same lines :

HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa

at the end of the /etc/ssh/ssh_config file (without restarting anything) and now my ssh connections are working again.

EDIT :

To keep the configuration between updates and so on, one must create a new file in /etc/ssh/ssh_config.d with the same lines as all files from this directory are included in /etc/ssh/ssh_config

WannaGetHigh
  • 3,826
  • 4
  • 23
  • 31
1

This concerns all OS Ventura system (eg. Terminal and Iterm) and not only VS. After ssh -vvv [my_concerned_host] I could see at the end of the report send_pubkey_test: no mutual signature algorithm. Then. SSH switch automatically to the next authentication method: password

For me applying @TylerH workaround in root ssh config was not enough. I also had to do it in my (profile) config : ~/.ssh/config + source ~/.bash_profile for applying changes. As they (already) said in 03/21 [Here] (https://confluence.atlassian.com/bitbucketserverkb/ssh-rsa-key-rejected-with-message-no-mutual-signature-algorithm-1026057701.html), RSA now offers too much vulnerabilities. **The patch in sshd_config should only be applied by people who can't regenerate Keys pair with a stronger algorithm ** (eg. ECDSA or ED25519)

If you have multiple hosts the 2 added lines must be preceded bye : Host *

Host *
  HostkeyAlgorithms +ssh-rsa
  PubkeyAcceptedAlgorithms +ssh-rsa
Abpostman1
  • 158
  • 1
  • 8
  • Thank you! Modifying `/etc/ssh/sshd_config` in my case was not enough and I additionally needed to add this and it worked right after. – skupjoe Dec 06 '22 at 09:31
0

The issue is caused because Ventura comes with OpenSSH_9.0p1 which disables RSA signatures with SHA-1 by default. That means that ssh-ing to any server using RSA signatures with SHA-1 will not work (affecting many old servers). I've finally managed to fix it. This solution works immediately without need to restart ssh, and is persistent even after you update macOS. To fix the problem:

Step 1: Go to /etc/ssh/ssh_config.d

sudo cd /etc/ssh/ssh_config.d

Step 2: Create a new file called config:

sudo nano config

Step 3: Add the following and save the file (Ctrl-O then Ctrl-X)

HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa

You should be able to connect via SSH now.

George Chalhoub
  • 14,968
  • 3
  • 38
  • 61