Config to have "ssh too-old-host" error out (with chosen message, and sans actual connection attempt)?

Brian Candler b.candler at pobox.com
Mon Jun 30 21:09:13 AEST 2025


On 30/06/2025 11:41, Jochen Bern wrote:
> I'd like to change .ssh/config so that when muscle memory does a "ssh 
> too-old-host" again, I get output to the effect of "use the 'foo bar 
> baz' command instead" (and ideally, OpenSSH itself does not even 
> *attempt* to connect).
> ...
> Is there an .ssh/config trick to that effect that I don't see? 

You could abuse a text config setting, like

Host foobar
Hostname ": You should use ssh -O PubkeyAcceptedAlgorithms=+ssh-rsa"

which gives me:

% ssh foobar
ssh: Could not resolve hostname : You should use ssh -O 
PubkeyAcceptedAlgorithms=+ssh-rsa: nodename nor servname provided, or 
not known

Or BindInterface:

% ssh foobar
getifaddrs: You should use ssh -O PubkeyAcceptedAlgorithms=+ssh-rsa: no 
suitable addresses
getifaddrs: You should use ssh -O PubkeyAcceptedAlgorithms=+ssh-rsa: no 
suitable addresses


Although of course, if that were the problem, you could simply apply the 
fix instead:

Host foobar
PubkeyAcceptedAlgorithms +ssh-rsa




More information about the openssh-unix-dev mailing list