解决 ssh 找不到对应主机密钥类型
解决办法如果最近升级到了 openssh 8.8 版,你会发现连接某些之前连接得好好的服务器突然无法连接:
Unable to negotiate with x.x.x.x port 2222: no matching host key type found. Their offer: ssh-rsa解决办法是 ssh 命令指定算法:
ssh -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa user@host -p 2222上面比较麻烦,可以修改 ssh 配置文件 ~/.ssh/config,对于无法成功连接的 host,增加以下配置项:
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa完整的配置如下:
Host jump
Port 2222
HostName x.x.x.x
User ***
IdentityFile ~/.ssh/id_rsa
UseKeychain yes
AddKeysToAgent yes
PreferredAuthentications publickey
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa问题原因
根据 OpenSSH 8.8 Release Notes 信息:
This release disables RSA signatures using the SHA-1 hash algorithmby default. This change has been made as the SHA-1 hash algorithm iscryptographically broken, and it is possible to create chosen-prefixhash collisions for
页:
[1]