View Single Post
Old 10-02-2018, 02:09 PM
bgagnon bgagnon is offline
VanDyke Technical Support
Join Date: Oct 2008
Posts: 4,596
Question FAQ: What causes the "No compatible MAC" error in SecureCRT?

If you are getting some form of the below error:
Key exchange failed.
No compatible MAC.
The server supports these MACs:,,,,,UMAC-64,UMAC-128,SHA2-256,SHA2-512,SHA1

You can turn on Trace Options output (File menu) and find this info:
[LOCAL] : Available Remote Send Macs =,,,,,,,hmac-sha2-256,hmac-sha2-512,hmac-sha1 
[LOCAL] : Selected Send Mac = hmac-sha2-512 
[LOCAL] : Available Remote Recv Macs =,,,,,,,hmac-sha2-256,hmac-sha2-512,hmac-sha1 
[LOCAL] : Selected Recv Mac = hmac-sha2-512

MAC (Message Authentication Code): The MAC options are in the same category (Session Options -> Connection / SSH2 / Advanced) as ciphers. SecureCRT will try the listed MAC methods in order. The list can be reordered using the Up/Down arrow buttons next to the list.

As of version 8.5.1, current MAC methods are (with version when support was first added):
SHA2-512-EtM (v8.5.x)
SHA2-256-EtM (v8.5.x)
SHA1-EtM (v8.5.x)
UMAC-64-EtM (v8.5.x)*
UMAC-128 (v8.3.x)*
UMAC-128-EtM (v8.5.x)*
SHA2-512 (v7.2.x)
SHA2-256 (v7.2.x)
UMAC-64 (v6.1.x)*
SHA1 (v3.0.x)
SHA1-96 (v3.0.x)*/**
MD5 (v3.0.x)*/**
MD5-96 (v3.0.x)*/**
*Not available when client is running in FIPS mode
**Removed support for SHA1-96, MD5 and MD5-96 as of v9.0

You can employ the power of editing the Default session to enable any new MAC algorithms in all of your existing and future sessions. Here are some links to a tip and a video that provide more details about using the Default session to make mass changes to multiple sessions:
Note: In order for a "change" to be applied to all other sessions, the Default session's option/field you're targeting must actually be modified/different from its current value.
Attached Images
File Type: png key_ex_MAC_error_in_SCRT.png (28.1 KB, 11257 views)
File Type: png SCRT851_altered_MAC_category.png (43.7 KB, 11111 views)

VanDyke Software
Technical Support
(505) 332-5730

Last edited by bgagnon; 10-29-2020 at 08:18 AM. Reason: Change icon to question mark