no matching key exchange 메서드에 대해 찾았습니다.Their offer: diffie-hellman-group1-sha1의 해결 방법

1824 단어
원문 링크:https://mycyberuniverse.com/error/no-matching-key-exchange-method-found-openssh7.html

What causes this problem


OpenSSH 7.0 deprecated the  diffie-hellman-group1-sha1  key algorithm because it is weak and within theoretical range of the so-called Logjam attack. See the www.openssh.com/legacy.html page for more information.
If the client and server are unable to agree on a mutual set of parameters then the connection will fail. OpenSSH (7.0 and greater) will produce an error message like this:
Unable to negotiate with host: no matching key exchange method found.
Their offer: diffie-hellman-group1-sha1

In this case, the client and server were unable to agree on the key exchange algorithm because the server offered only a single method  diffie-hellman-group1-sha1 .

How to fix it


The best resolution for these failures is to upgrade/configure the server to not use deprecated algorithms. If that is not possible, you can force the client to re-enable the  diffie-hellman-group1-sha1  key exchange algorithm with the  -oKexAlgorithms=+diffie-hellman-group1-sha1  option on the command-line:
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@host

or in the  ~/.ssh/config  file:
Host somehost.example.org
    KexAlgorithms +diffie-hellman-group1-sha1

주의: 여기 있는 두 줄의 코드는 따로 쓰고, 호스트 뒤에 있는 사이트는 IP 주소로 대체하지 마십시오. (dns가 해석할 수 없으면hosts 파일에 추가하면 됩니다.)
If this article helped you solve the problem then please leave a comment. 
Thanks for reading!
다음으로 전송:https://www.cnblogs.com/feipeng8848/p/9523416.html

좋은 웹페이지 즐겨찾기