UDM & UDM Pro ssh Login Fix

It turns out that ssh into the UDM Pro or UDM might well be broken for you. Remember that we used to:

ssh root@192.168.1.1

As it turns out, that started to break for me and the error I got was:

no matching host key type found. Their offer: ssh-rsa

The reason for this is that most Linux distributions have recently upgraded OpenSSH to v8.8. That release covers the client as well as the server, so the OpenSSH client built into your WSL2 distribution should be affected.

The change is that OpenSSH v8.8 has deprecated RSA signatures that use the SHA-1 algorithm (the ssh-rsa type named in the error above) in favor of the newer SHA-2 algorithms.

The problem with this is that UniFi OS v1.10.4 and 1.11 have not made this very important and obvious upgrade. So, if you try to ssh to your UDM or UDM Pro, you will likely see the “no matching host key type found. Their offer: ssh-rsa” error.

The way around this is to log into your UDM Pro with:

ssh -oHostKeyAlgorithms=+ssh-rsa root@192.168.1.1

However, you might not want to have to do that all the time.
So, once you are logged in, create an “ecdsa” host key, which is supported:

dropbearkey -t ecdsa -f /etc/dropbear/dropbear_ecdsa_host_key

Then, restart dropbear on the UDM Pro:

/etc/init.d/dropbear restart

Log out and log back in with:

ssh root@192.168.1.1

and you should be working fine again.
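
To confirm the diagnosis before using the workaround, and to confirm afterwards that the new ECDSA key is really being offered, you can classify the host key types the UDM advertises. This is an added example, not part of the original post: the function names are hypothetical and the sample ssh-keyscan lines are constructed, with placeholder key material.

```shell
#!/bin/sh
# Classify the host key types a server offers, from ssh-keyscan output.
# Input lines look like "<host> <keytype> <base64-key>".
# Lines starting with '#' are banner/comment lines and are ignored.

# Print the unique key types found on stdin, one per line.
offered_types() {
    awk '!/^#/ && NF >= 3 { print $2 }' | sort -u
}

# Print one word describing the input on stdin:
#   rsa-only  ssh-rsa is the only type offered (the broken state on this page)
#   modern    at least one non-ssh-rsa type is offered (plain ssh will work)
#   none      no host key lines were parsed (host down, wrong address, ...)
classify_host_keys() {
    types=$(offered_types)
    if [ -z "$types" ]; then
        echo none
    elif [ "$types" = "ssh-rsa" ]; then
        echo rsa-only
    else
        echo modern
    fi
}

# Constructed sample input: before and after creating the ECDSA host key.
SAMPLE_BEFORE='# 192.168.1.1:22 SSH-2.0-dropbear
192.168.1.1 ssh-rsa AAAAB3NzaC1yc2E_CONSTRUCTED'
SAMPLE_AFTER='# 192.168.1.1:22 SSH-2.0-dropbear
192.168.1.1 ssh-rsa AAAAB3NzaC1yc2E_CONSTRUCTED
192.168.1.1 ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTY_CONSTRUCTED'

# Live use against the address from this page:
#   ssh-keyscan -t rsa,ecdsa,ed25519 192.168.1.1 2>/dev/null | classify_host_keys
```

Once the live check prints "modern", the -oHostKeyAlgorithms=+ssh-rsa option is no longer needed for this host.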