In the last month or so I stopped being able to SSH into my reMarkable as I normally do. After putting off fixing it for a bit I finally decided to just sit down and figure out what was wrong. I got it working and had to share how I know connect to my device in case the same thing happens to you.

Edits

October 7th, 2022:

I just updated my reMarkable to version 2.15.0.1067. Had issues connecting. Error: Connection closed by ... port 22. Fixed this by going into my ~/.ssh/known_hosts file and removing the corresponding line.

With the update the reMarkable now accepts different host key algorithms so this below fix is no longer needed. Keeping the post around in case someone else has a similar issue.

March 22nd, 2023:

When moving my website over I lost my previous comments so I wanted to include Jen Lampton's comment where I was asked if I had ever found a solution that allowed me to connect using my SSH key again. I wasn't able to answer but she later replied:

I just discovered a solution for the public key – I’ll post here in case anyone else finds your helpful article 🙂

`PubkeyAcceptedAlgorithms +ssh-rsa`

And now on to the previously written post.

How I Connected Before

Before going into how I now connect to my reMarkable I wanted to first mention my earlier post that showed how I access my reMarkable through the command line. In addition to the simple SSH command it also mentions how I used my public key to skip entering my password (using the .ssh/authorized_keys file) AND how I created a shortcut (using .ssh/config) so I could skip entering my username and IP address each time. In case you already know how to use SSH but can’t find the information you need to connect to your reMarkable you can find it on your device here:

The Problem

After I upgraded my operating system to the macOS Ventura (13.0 beta) I was was no longer able to SSH into my reMarkable device. Specifically:

❯ ssh root@XXX.XXX.X.XXX
Unable to negotiate with XXX.XXX.X.XXX port 22: no matching host key type found. Their offer: ssh-rsa

SSH (Secure Shell) is a secure method to connect and communicate between two devices. The security comes from the public key cryptography it uses to verify that who you’re talking to is actually who you think it is. One type of algorithm it can use is RSA. Back in 2021 OpenSSH released version 8.8 where it deprecated the ssh-rsa signature scheme as it used the SHA-1 hash algorithm in conjunction with the RSA public key algorithm (link to Icarus.sg). This change shouldn’t be an issue as most systems use the modern version of OpenSSH which will see the RSA key and switch to a stronger signature scheme. So it shouldn’t be an issue.

My problem was that my computer was using the updated OpenSSH so it disables RSA by default (doesn’t accept ssh-rsa signature schemes) while the way reMarkable is configured will only use RSA… hence the discrepancy.

The Solution

Using SSH Command

To get around the current error you’ll need to alter that command a bit to specify what the host key algorithm you want to use is by passing in the option command -o and following it with HostKeyAlgorithms and the specific algorithm you want which in this case is ssh-rsa. Here I just want to add ssh-rsa to the list of preferred host key signature algorithms so I used a + to specify that. If I wanted to remove it from the list I’d use a - while a ^ moves it to the head of the default list. You can learn more about this by typing in man ssh_config in your terminal and navigating down to HostKeyAlgorithms.

My SSH statement thus went from ssh root@XXX.XXX.X.XXX to ssh -oHostKeyAlgorithms=+ssh-rsa root@XXX.XXX.X.XXX and now, after asking my password, I’m able to connect to my reMarkable!

❯ ssh -oHostKeyAlgorithms=+ssh-rsa root@XXX.XXX.X.XXX
root@XXX.XXX.X.XXX's password:
ｒｅＭａｒｋａｂｌｅ
╺━┓┏━╸┏━┓┏━┓   ┏━┓╻ ╻┏━╸┏━┓┏━┓
┏━┛┣╸ ┣┳┛┃ ┃   ┗━┓┃ ┃┃╺┓┣━┫┣┳┛
┗━╸┗━╸╹┗╸┗━┛   ┗━┛┗━┛┗━┛╹ ╹╹┗╸
reMarkable: ~/

Using a Shortcut

If you don’t want to specify the key algorithm every time (or even the username and host) you can create a shortcut. To create the shortcut you’ll need to navigate to the ~/.ssh directory and edit, or create, a config file. Here’s what my updated config file looks like now with the HostKeyAlgorithms specified (before it just had the first three lines):

Host remarkable
    HostName XXX.XXX.X.XXX
	User root
	HostKeyAlgorithms=+ssh-rsa
	PubkeyAcceptedKeyTypes=+ssh-rsa

Here I call my connection remarkable so I just need to type ssh remarkable into the terminal when I want to connect. You can call yours whatever you want by changing the remarkable word at the beginning after Host.

If you want to learn more about how I did this, without the ssh-rsa additions, I talked about it in my Learn How to Access Your reMarkable Through the Command Line post under the heading: Forget the Username and IP Address by Creating a Shortcut.

Addendum: What Version of SSH Your Device Is Running

While working my way through this issue I found some other commands I could run to better understand the SSH my device(s) were running. In case you might also be interested in this I figured I’d include it here.

First a quick aside: I ran these commands on September 15th, 2022 while running Version 2.14.3.977 on my reMarkable (Dropbear v2019.78) and the beta macOS 13.0 Ventura on my computer (OpenSSH_9.0p1, LibreSSL 3.3.6).  

To find the exact version of SSH your device is running you can run ssh with the version flag -V. This means you can run it on your computer or on any device you have ssh access to. For me, after fixing my ssh issue and shown below, I ran it on my computer and saw my Mac is using OpenSSH_9.0p1 and LibreSSL 3.3.6. I then connected to my reMarkable and ran it again to see that my reMarkable is instead running Dropbear v2019.78.

Even if you can’t connect to a device you can still find out what version of SSH it’s running through the verbose mode -v command when attempting to connect; in this case a lowercase v rather than the capitalized version above. Verbose mode explains what’s happening when it attempts to connect and outputs the SSH version of your device before it realizes whether it can connect or not. I also tried doing this when my reMarkable was turned off but, as it was turned off, the operation timed out as it couldn’t connect and thus couldn’t output its SSH version.

❯ ssh -v remarkable
OpenSSH_9.0p1, LibreSSL 3.3.6 // My computer version
...
debug1: Remote protocol version 2.0, remote software version dropbear_2019.78
debug1: compat_banner: no match: dropbear_2019.78 // My reMarkable version
...

Whether you’re having difficulty connecting to your reMarkable or some other device I hope this post has helped you. If so I’d love to hear how and what in the comments below! If my post was missing some crucial information feel free to share in the comments below and maybe it will help someone else later on.

Have a great day!

If you’re interested in getting any of my future blog updates I currently come out with a new one every second Wednesday and share them to my Facebook page and Instagram account. You’re also more than welcome to join my email list located right under the search bar or underneath this post.