본문 바로가기

리눅스

ssh 접속 시 no matching key exchange method found 에러

728x90

ssh 접속 시 no matching key exchange method found 에러

테스트 환경

$ cat /etc/redhat-release
CentOS release 5.6 (Final)

$ getconf LONG_BIT
32
$ openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

[에러]

Unable to negotiate with 192.168.0.101 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

ssh user1@192.168.0.101
$ ssh user1@192.168.0.101
Unable to negotiate with 192.168.0.101 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

연결 매개변수 목록(OpenSSH Legacy Options)

- KexAlgorithms: the key exchange methods that are used to generate per-connection keys
- HostkeyAlgorithms: the public key algorithms accepted for an SSH server to authenticate itself to an SSH client
- Ciphers: the ciphers to encrypt the connection
- MACs: the message authentication codes used to detect traffic modification

해결 방안 1)

Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha1 user1@192.168.0.101

ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha1 user1@192.168.0.101
728x90

 

해결 방안 2)

~/.ssh/config 파일 편집

vim ~/.ssh/config
$ vim ~/.ssh/config
...
Host serv-101
     hostname 192.168.0.101
     KexAlgorithms diffie-hellman-group-exchange-sha1
     user user1
     identityfile "~/aws-key/production.pem"
     port 22

ssh serv-101

ssh serv-101

 

참고URL

- http://www.openssh.com/legacy.html

 

728x90