野马部落 发表于 2023-3-29 12:20:53

解决 ssh 找不到对应主机密钥类型

解决办法

如果最近升级到了 openssh 8.8 版,你会发现连接某些之前连接得好好的服务器突然无法连接:
Unable to negotiate with x.x.x.x port 2222: no matching host key type found. Their offer: ssh-rsa解决办法是 ssh 命令指定算法:
ssh -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa user@host -p 2222上面比较麻烦,可以修改 ssh 配置文件 ~/.ssh/config,对于无法成功连接的 host,增加以下配置项:
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa完整的配置如下:
Host jump
    Port 2222
    HostName x.x.x.x
    User ***
    IdentityFile ~/.ssh/id_rsa
    UseKeychain yes
    AddKeysToAgent yes
    PreferredAuthentications publickey
    HostKeyAlgorithms +ssh-rsa
    PubkeyAcceptedKeyTypes +ssh-rsa问题原因

根据 OpenSSH 8.8 Release Notes 信息:
This release disables RSA signatures using the SHA-1 hash algorithmby default. This change has been made as the SHA-1 hash algorithm iscryptographically broken, and it is possible to create chosen-prefixhash collisions for
页: [1]
查看完整版本: 解决 ssh 找不到对应主机密钥类型