Merge pull request #9724 from MicrosoftDocs/main

Auto Publish – main to live - 2025-09-16 10:00 UTC

Author: learn-build-service-prod[bot]

Exchange/ExchangeServer/servertoc/toc.yml

@@ -232,8 +232,6 @@ items:
           href: ../client-connectivity/cannot-create-appointment.md
         - name: Can't open a shared folder in Outlook on the web
           href: ../client-connectivity/cannot-open-shared-folder-owa.md
-        - name: Can't open documents on a network file share
-          href: ../../ExchangeOnline/outlook-on-the-web-issues/cannot-open-documents-on-network-file-share.md?context=%2fexchange%2ftroubleshoot%2fcontext%2fserver-context
         - name: Can't open OWA, ECP, or EMS after a self-signed certificate is removed
           href: ../client-connectivity/owa-ecp-ems-cannot-connect-after-self-signed-certificate-removed.md
         - name: Can't search people in OWA
@@ -460,8 +458,6 @@ items:
           href: ../public-folders/disable-conflict-message.md
         - name: No active public folder mailboxes were found
           href: ../public-folders/migrationbatch-fails-no-public-folder-mailboxes.md
-        - name: Public folder meetings cannot be modified in OWA
-          href: ../../ExchangeOnline/calendars/public-folder-meetings-not-modified-in-owa.md?context=%2fexchange%2ftroubleshoot%2fcontext%2fserver-context
         - name: Large items skipped during migration
           href: ../public-folders/large-items-skipped.md
         - name: Public folder items are deleted after batch migration
@@ -470,8 +466,6 @@ items:
           href: ../public-folders/public-folder-migration-fails.md
         - name: Public folder permissions for Exchange Server
           href: ../public-folders/public-folder-permissions-for-exchange-server.md
-        - name: Public folder users can't manage subfolders
-          href: ../../ExchangeOnline/public-folders/public-folder-users-cannot-manage-subfolders.md?context=%2fexchange%2ftroubleshoot%2fcontext%2fserver-context
         - name: Troubleshoot public folder replication issues
           href: ../public-folders/troubleshoot-public-folder-replication.md
     - name: Setup

Microsoft365/purview/purview/purviewtoc/toc.yml

@@ -111,8 +111,6 @@
       href: ../office-message-encryption/cannot-display-message.md
     - name: Disable Encrypt-Only
       href: ../office-message-encryption/disable-encrypt-only.md
-    - name: External recipient can't open encrypted email
-      href: /troubleshoot/outlook/security/external-recipient-can't-open-encrypted-email?context=/troubleshoot/microsoft-365/context/client-context
     - name: Resolve Microsoft Purview Message Encryption issues
       href: ../office-message-encryption/fix-message-encryption-issue-microsoft-purview.md
   - name: PST Import Service

Office/Client/clienttoc/toc.yml

@@ -644,8 +644,6 @@
           href: ../powerpoint/slide-transition-sounds-missing.md
         - name: Troubleshoot a damaged presentation
           href: ../powerpoint/damaged-presentation.md
-        - name: User info in @mentions doesn't resolve
-          href: /troubleshoot/office/excel/mentions-not-resolve-user-information?context=/troubleshoot/office/context/client-context
     - name: Project
       items:
         - name: Can't add or edit resources in Enterprise Resource Pool
@@ -790,8 +788,6 @@
           href: ../word/not-recognize-misspelled-words-in-word.md
         - name: Track Changes functionality disabled when RMS is disabled
           href: ../word/track-changes-disabled.md
-        - name: User info in @mentions doesn't resolve
-          href: /troubleshoot/office/excel/mentions-not-resolve-user-information?context=/troubleshoot/office/context/client-context
         - name: Using printer fonts in Word
           href: ../word/printer-fonts-in-word.md
         - name: Word slows or stops responding

Teams/TOC.yml

@@ -16,8 +16,6 @@ items:
       href: ./teams-administration/disable-sharepoint-news-notifications.md
     - name: Error switching a tenant to Teams Only mode
       href: ./teams-administration/cannot-switch-to-teams-only-mode.md
-    - name: Issues receiving messages and calls
-      href: /microsoftteams/legacy-login-issues?context=/troubleshoot/MicrosoftTeams/context/context
     - name: Prevent antivirus and DLP tools from blocking or crashing Microsoft Teams
       href: ./teams-administration/include-exclude-teams-from-antivirus-dlp.md
     - name: Resolve issues when starting the new Teams app
@@ -38,10 +36,6 @@ items:
         href: ./teams-administration/root-cause-undetermined-teams-update-failure.md
     - name: '"The following application instance is not present in BVD" error when assigning a phone number to a resource accounts'
       href: ./teams-administration/following-application-instance-not-present-error.md
-    - name: Troubleshoot connectivity issues
-      href: /microsoftteams/connectivity-issues?context=/troubleshoot/MicrosoftTeams/context/context
-    - name: Troubleshoot installation and update issues of classic Teams
-      href: /microsoftteams/troubleshoot-installation?context=/troubleshoot/MicrosoftTeams/context/context
     - name: User information isn't updated
       href: ./teams-administration/user-information-not-updated.md
   - name: Authentication
@@ -70,8 +64,6 @@ items:
       href: ./teams-conferencing/organizer-cant-start-teams-meeting.md
     - name: PSTN callers with the same "From" number are shown as the same user
       href: ./teams-conferencing/pstn-callers-shown-with-same-call-in-number.md
-    - name: Skype for Business broadcasts a dial tone
-      href: /troubleshoot/skypeforbusiness/server-conferencing/sfb-play-dial-tone-teams-call?context=/troubleshoot/MicrosoftTeams/context/context
     - name: Skype for Business required for some meetings instead of Teams
       href: ./teams-conferencing/meeting-requires-skype-instead-of-teams.md
     - name: Static conference ID not supported for Teams meetings
@@ -162,8 +154,6 @@ items:
     items:
     - name: Issue with accessing notebooks
       href: ./teams-onenote-integration/issue-access-notebook.md
-    - name: Temporary change to file size download limit in OneNote
-      href: /troubleshoot/office/onenote/temp-change-onenote-file-size-download?context=/troubleshoot/MicrosoftTeams/context/context
   - name: Phone System
     items:
     - name: Issues when using SIP devices
@@ -254,8 +244,6 @@ items:
     items:
     - name: Websites aren't viewable
       href: ./sites/cannot-view-website-teams-web-client.md
-    - name: '"This site cant be reached" and ERR_INVALID_RESPONSE error when accessing SharePoint site'
-      href: /troubleshoot/sharepoint/sites/err-invalid-response-accessing-sharepoint-site?context=/troubleshoot/MicrosoftTeams/context/context
   - name: Tabs
     items:
     - name: Owner can't create Planner tab

support/windows-client/toc.yml

@@ -1075,6 +1075,10 @@ items:
       href: ./system-management-components/fail-to-launch-vamt-3dot0.md
     - name: Windows Trace Session Manager service doesn't start
       href: ./system-management-components/windows-trace-session-manager-service-not-start-event-id-7000.md
+  - name: OpenSSH
+    items:
+    - name: OpenSSH client can't connect to a server via SSH
+      href: ../windows-server/system-management-components/open-client-can-not-connect-server.md?context=/troubleshoot/windows-client/context/context
   - name: PowerShell
     items:
     - name: Grant-DfsnAccess doesn't change inheritance mode

support/windows-server/system-management-components/open-client-can-not-connect-server.md

@@ -0,0 +1,140 @@
+---
+title: OpenSSH Client Can't Connect To a Server via SSH
+description: Addresses multiple common causes and solutions when encountering OpenSSH connection errors related to host key algorithm mismatches on Windows systems.
+ms.date: 09/16/2025
+manager: dcscontentpm
+audience: itpro
+ms.topic: troubleshooting
+ms.reviewer: kaushika, warrenw, v-lianna
+ms.custom:
+- sap:system management components\openssh (including sftp)
+- pcy:WinComm User Experience
+---
+# OpenSSH client can't connect to a server via SSH: "no matching host key type found" errors
+
+This article addresses multiple common causes and solutions when encountering OpenSSH connection errors related to host key algorithm mismatches on Windows systems.
+
+When you connect to a server via Secure Shell (SSH), you might encounter errors such as:
+
+- > Unable to negotiate with \<server\>: no matching host key type found.
+- > Host key algorithm: (no match)
+- > Permission denied (publickey).
+- > Server refused our key.
+
+These errors typically indicate mismatches in supported algorithms, permissions issues, or security concerns.
+
+## Cause 1: RSA algorithm disabled in updated OpenSSH versions
+
+OpenSSH 8.8 and later versions disable the insecure `ssh-rsa` algorithm by default, causing legacy clients dependent on RSA keys to fail connection attempts.
+
+### Resolution
+
+1. Back up the existing configuration:
+
+    ```powershell
+    Copy-Item "C:\ProgramData\ssh\sshd_config" "C:\ProgramData\ssh\sshd_config.bak" 
+    ```
+
+2. Modify the **sshd_config** file:
+
+    1. Open Notepad as administrator.
+    2. Use the following command to open the **sshd_config** file:
+
+        ```console
+        notepad "C:\ProgramData\ssh\sshd_config"
+        ```
+
+    3. Add the following lines to the end of the file:
+
+        ```output
+        PubkeyAcceptedAlgorithms +ssh-rsa 
+        HostKeyAlgorithms +ssh-rsa
+        ```
+
+3. Restart the OpenSSH service:
+
+    ```powershell
+    Restart-Service sshd
+    ```
+
+4. Verify the SSH connection:
+
+    ```powershell
+    ssh -v [email protected] 
+    ```
+
+## Cause 2: Missing or incorrect authorized_keys file or improper file permissions
+
+Connection failures occur due to missing or incorrect **authorized_keys** file or improper file permissions, generating "Permission denied" errors.
+
+### Resolution
+
+1. Ensure the **authorized_keys** file exists:
+
+    File path:
+    **C:\ProgramData\\ssh\\administrators_authorized_keys**
+
+    Place your public keys correctly in this file.
+2. Correct file permissions:
+
+    Ensure only administrators have write permissions to the file:
+
+    ```console
+    icacls.exe "C:\ProgramData\ssh\administrators_authorized_keys" /inheritance:r /grant "Administrators:F"
+    ```
+
+3. Restart the OpenSSH service:
+
+    ```console
+    net stop sshd 
+    net start sshd 
+    ```
+
+## Cause 3: Private keys stored in the registry persist across sessions causing security risks
+
+Private keys stored by OpenSSH's ssh-agent service persist across sessions in the Windows registry, potentially causing security risks.
+
+### Resolution
+
+- Use strong encryption and passphrases when generating private keys.
+- Limit registry access through user permissions.
+- Regularly update OpenSSH from official sources (for example, GitHub).
+- Regularly audit registry entries and clear sensitive keys when not needed.
+
+### Optional registry adjustments
+
+Manage RSA keys securely via registry policies:
+
+```powershell
+Set-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\SSH-Server' -Name AllowRSAKey -Value 1 -Type DWORD 
+Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Services\SSH-Server\Parameters' -Name AllowRSAKey -Value 1 -Type DWORD 
+```
+
+### Recommended general security practices
+
+- Secure user accounts and maintain strict file permissions.
+- Regularly update OpenSSH to include latest security patches.
+- Use stronger algorithms such as ED25519 or ECDSA where possible.
+- Educate users on secure key management practices.
+
+## Troubleshooting logs and diagnostics
+
+To gather detailed debugging logs during connection attempts, use the verbose SSH command:
+
+```console
+ssh -vvv user@hostname
+```
+
+Analyze logs collected from both working and nonworking environments to identify configuration differences.
+  
+## Next steps
+
+- Identify and inventory legacy clients still requiring weaker algorithms like `ssh-rsa`.
+- Implement a scheduled upgrade strategy to migrate these clients to stronger algorithms.
+- After resolving compatibility issues, remove temporary algorithm overrides from **sshd_config**.
+- Replace legacy RSA keys with stronger keys (minimum 3072-bit RSA or ED25519).
+  
+## References
+
+- [Key-based authentication in OpenSSH for Windows](/windows-server/administration/openssh/openssh_keymanagement)
+- [OpenSSH 8.8 Release Notes (RSA deprecation)](https://www.openssh.com/txt/release-8.8)

support/windows-server/toc.yml

@@ -2592,6 +2592,10 @@ items:
       href: ./system-management-components/sms-administrator-console-connectivity-issue.md
     - name: What is MMC
       href: ./system-management-components/what-is-microsoft-management-console.md
+  - name: OpenSSH
+    items:
+    - name: OpenSSH client can't connect to a server via SSH
+      href: ./system-management-components/open-client-can-not-connect-server.md
   - name: PowerShell
     items:
     - name: CJK characters are garbled in PowerShell