解決辦法 如果最近升級到了 openssh 8.8 版,你會發現連接某些之前連接得好好的伺服器突然無法連接: Unable to negotiate with x.x.x.x port 2222: no matching host key type found. Their offer: ssh-r ...
解決辦法
如果最近升級到了 openssh 8.8 版,你會發現連接某些之前連接得好好的伺服器突然無法連接:
Unable to negotiate with x.x.x.x port 2222: no matching host key type found. Their offer: ssh-rsa
解決辦法是 ssh 命令指定演算法:
ssh -o HostKeyAlgorithms=+ssh-rsa -o PubkeyAcceptedKeyTypes=+ssh-rsa user@host -p 2222
上面比較麻煩,可以修改 ssh 配置文件 ~/.ssh/config,對於無法成功連接的 host,增加以下配置項:
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
完整的配置如下:
Host jump
Port 2222
HostName x.x.x.x
User ***
IdentityFile ~/.ssh/id_rsa
UseKeychain yes
AddKeysToAgent yes
PreferredAuthentications publickey
HostKeyAlgorithms +ssh-rsa
PubkeyAcceptedKeyTypes +ssh-rsa
問題原因
根據 OpenSSH 8.8 Release Notes 信息:
This release disables RSA signatures using the SHA-1 hash algorithm
by default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K [1]
For most users, this change should be invisible and there is
no need to replace ssh-rsa keys. OpenSSH has supported RFC8332
RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys
will automatically use the stronger algorithm where possible.
Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
options. For example, the following stanza in ~/.ssh/config will enable
RSA/SHA1 for host and user authentication for a single destination host:
Host old-host
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
We recommend enabling RSA/SHA1 only as a stopgap measure until legacy
implementations can be upgraded or reconfigured with another key type
(such as ECDSA or Ed25519).
從這裡可以知道,從 openssh 8.8 版本開始預設禁用了 ssh-rsa 演算法,對於大部分情況,這次的更改是無感知的,當伺服器僅支持 ssh-rsa 演算法時才會出現不相容的情況。
本地啟用 RSA/SHA1 支持僅僅只是一種權宜之計,官方建議是升級密鑰演算法或使用另一種密鑰演算法(例如 ECDSA 或 Ed25519 演算法)。
