At some point in the past, you've used a process like https://web.archive.org/web/20241230212150/https://weber.fi.eu.org/blog/Informatique/ssh_access_to_a_buffalo_LS210_NAS.writeback/?lang=en along with https://buffalonas.miraheze.org/wiki/ACP_Commander (from https://github.com/1000001101000/acp-commander/tree/master) to enable root SSH access to your NAS, but on newer hosts you get weird connection errors from SSH, or it works but fails to use the public key, and ssh -v says debug1: send_pubkey_test: no mutual signature algorithm ?
Then you need to downgrade your SSH security :
ssh -v -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostkeyAlgorithms=+ssh-rsa -oPubkeyAcceptedKeyTypes=+ssh-rsa root@192.168.11.100
You can put this in a Host block in ~/.ssh/config so that plain ssh root@192.168.11.100 works
Host 192.168.11.100 #HS-DHGL Buffalo LiveStation KexAlgorithms +diffie-hellman-group1-sha1 HostkeyAlgorithms +ssh-rsa PubkeyAcceptedKeyTypes +ssh-rsa
Fedora extra steps
This works on Ubuntu 25.04. On Fedora 41, I have to also add `RSAMinSize 1024` before it would get as far as
debug1: Host '192.168.11.100' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:29 ssh_dispatch_run_fatal: Connection to 192.168.11.100 port 22: error in libcrypto
Apparently Fedora disable something, you need to make a /var/tmp/openssl.cnf with:
.include /etc/ssl/openssl.cnf [openssl_init] alg_section = evp_properties [evp_properties] rh-allow-sha1-signatures = yes
And prefix that to the ssh command : OPENSSL_CONF=/var/tmp/openssl.cnf ssh -v root@192.168.11.100