ssh 접속 시 no matching key exchange method found 에러
테스트 환경
$ cat /etc/redhat-release
CentOS release 5.6 (Final)
$ getconf LONG_BIT
32
$ openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
[에러]
Unable to negotiate with 192.168.0.101 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh user1@192.168.0.101
$ ssh user1@192.168.0.101
Unable to negotiate with 192.168.0.101 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
연결 매개변수 목록(OpenSSH Legacy Options)
- KexAlgorithms: the key exchange methods that are used to generate per-connection keys
- HostkeyAlgorithms: the public key algorithms accepted for an SSH server to authenticate itself to an SSH client
- Ciphers: the ciphers to encrypt the connection
- MACs: the message authentication codes used to detect traffic modification
해결 방안 1)
Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha1 user1@192.168.0.101
ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha1 user1@192.168.0.101
해결 방안 2)
~/.ssh/config 파일 편집
vim ~/.ssh/config
$ vim ~/.ssh/config
...
Host serv-101
hostname 192.168.0.101
KexAlgorithms diffie-hellman-group-exchange-sha1
user user1
identityfile "~/aws-key/production.pem"
port 22
ssh serv-101
ssh serv-101
참고URL
- http://www.openssh.com/legacy.html
'리눅스' 카테고리의 다른 글
CentOS 7에서 PHP rdkafka 확장(Extension) 모듈을 설치하는 방법 (0) | 2022.03.02 |
---|---|
리눅스 curl 명령어(curl bash -x) (0) | 2022.02.24 |
CentOS 7에 Apache2의 확장 모듈인 Evasive를 설치하는 방법 (0) | 2022.02.09 |
CentOS 8에서 Webalizer를 설치하는 방법 (0) | 2022.02.04 |
[linux] rpcgen install for centos 8 (0) | 2022.01.27 |