ssh 접속 시 no matching key exchange method found 에러
테스트 환경
$ cat /etc/redhat-release
CentOS release 5.6 (Final)
$ getconf LONG_BIT
32
$ openssl version
OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
$ ssh -V
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
[에러]
Unable to negotiate with 192.168.0.101 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh user1@192.168.0.101
$ ssh user1@192.168.0.101
Unable to negotiate with 192.168.0.101 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
연결 매개변수 목록(OpenSSH Legacy Options)
- KexAlgorithms: the key exchange methods that are used to generate per-connection keys
- HostkeyAlgorithms: the public key algorithms accepted for an SSH server to authenticate itself to an SSH client
- Ciphers: the ciphers to encrypt the connection
- MACs: the message authentication codes used to detect traffic modification
해결 방안 1)
Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha1 user1@192.168.0.101
ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha1 user1@192.168.0.101
해결 방안 2)
~/.ssh/config 파일 편집
vim ~/.ssh/config
$ vim ~/.ssh/config
...
Host serv-101
hostname 192.168.0.101
KexAlgorithms diffie-hellman-group-exchange-sha1
user user1
identityfile "~/aws-key/production.pem"
port 22
ssh serv-101
ssh serv-101
참고URL
- http://www.openssh.com/legacy.html
'리눅스' 카테고리의 다른 글
CentOS 7에서 virbr0 NAT 인터페이스를 비활성화하는 방법 (0) | 2022.02.23 |
---|---|
GitLab에서 첨부 파일 크기 제한을 늘리는 방법 (0) | 2022.02.22 |
GitLab의 root 계정 비밀번호를 초기화하는 방법 (0) | 2022.02.21 |
Mac Time Machine 백업 시간 줄이기 (0) | 2022.02.17 |
CentOS 7에 Apache2의 확장 모듈인 Evasive를 설치하는 방법 (0) | 2022.02.05 |