解決 openssh-8.8-p1 升級: no matching host key type found. Their offer: ssh-rsa
阿新 • • 發佈:2022-12-07
解決 openssh-8.8-p1 升級: no matching host key type found. Their offer: ssh-rsa
來源 https://blogs.qingtianxueri.com/jie-jue-openssh-8-8-p1-sheng-ji-no-matching-host-key-type-found-their-offer-ssh-rsa/
配置檔案: /etc/ssh/sshd_config
# This file is automatically generated at startup KexAlgorithms [email protected],diffie-hellman-group-exchange-sha256 Port 22 Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ed25519_key Compression delayed ClientAliveInterval 30 PermitRootLogin yes# Login via Key or Password ChallengeResponseAuthentication yes PasswordAuthentication yes PubkeyAuthentication yes UseDNS no LoginGraceTime 30s VersionAddendum none AllowAgentForwarding no X11Forwarding no Ciphers [email protected],[email protected],[email protected],aes256-ctr,aes192-ctr,aes128-ctr MACs [email protected],[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160,[email protected] # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server
如果你最近升級到了 openssh 8.8-p1 版, 你會發現連線某些之前連線得好好的伺服器突然無法連線:
Unable to negotiate with x.x.x.x port 2222: no matching host key type found. Their offer: ssh-rsa
解決辦法
ssh -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa user@myhost -p 2222
當然, 每次連線敲這麼一長串也不太好.
編輯使用者 ssh 配置 ~/.ssh/config
, 對於無法成功連線的host, 增加配置項:
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
完整的配置可能看起來像這樣:
Host myhost
Hostname 1.1.1.1
User user001
IdentityFile ~/.ssh/id_rsa
# fixup for openssh 8.8
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
或者,像我一樣的懶人:
Host *
ServerAliveInterval 10
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
為什麼會有這個錯誤
根據 OpenSSH Release Notes
Future deprecation notice
It is now possible[1] to perform chosen-prefix attacks against the SHA-1 algorithm for less than USD$50K.
In the SSH protocol, the “ssh-rsa” signature scheme uses the SHA-1 hash algorithm in conjunction with the RSA public key algorithm. OpenSSH will disable this signature scheme by default in the near future.
Note that the deactivation of “ssh-rsa” signatures does not necessarily require cessation of use for RSA keys. In the SSH protocol, keys may be capable of signing using multiple algorithms. In particular, “ssh-rsa” keys are capable of signing using “rsa-sha2-256” (RSA/SHA256), “rsa-sha2-512” (RSA/SHA512) and “ssh-rsa” (RSA/SHA1). Only the last of these is being turned off by default.
也就是說 8.8p1 版的 openssh 的 ssh 客戶端預設禁用了 ssh-rsa
演算法, 但是對方伺服器只支援 ssh-rsa
, 當你不能自己升級遠端伺服器的 openssh 版本或修改配置讓它使用更安全的演算法時, 在本地 ssh 針對這些舊的ssh server重新啟用 ssh-rsa
也是一種權宜之法.
Refs
http://www.openssh.com/releasenotes.html
https://www.openssh.com/legacy.html
========= End