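Author: asdfghjklasd (I hate being added to groups without being asked first)
Board: SYSOP
Title: Re: [Announcement] PTT SSH RSA key replacement
Time: Wed Oct 9 13:39:31 2024
Solution
Add the following to .ssh/config:
Host *
    KexAlgorithms [email protected]
and then this works:
ssh [email protected]
The ssh -vvv log is as follows: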
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug2: resolving "bbs.ptt.cc" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to bbs.ptt.cc [140.112.172.11] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
debug1: Remote protocol version 2.0, remote software version bbs-sshd
debug1: no match: bbs-sshd
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to bbs.ptt.cc:22 as 'bbsu'
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,
[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1,ext-info-c
debug2: host key algorithms:
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-dss
debug2: ciphers ctos:
[email protected],aes128-ctr,aes192-ctr,aes256-ctr,
[email protected],
[email protected],aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc:
[email protected],aes128-ctr,aes192-ctr,aes256-ctr,
[email protected],
[email protected],aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos:
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc:
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],
[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,
[email protected],zlib
debug2: compression stoc: none,
[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,
[email protected],diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,ext-info-s,
[email protected]
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos:
[email protected],
[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: ciphers stoc:
[email protected],
[email protected],aes256-ctr,aes192-ctr,aes128-ctr
debug2: MACs ctos:
[email protected],
[email protected],hmac-sha2-512,hmac-sha2-256,
[email protected],hmac-sha1
debug2: MACs stoc:
[email protected],
[email protected],hmac-sha2-512,hmac-sha2-256,
[email protected],hmac-sha1
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher:
[email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher:
[email protected] MAC: <implicit> compression: none
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug1: kex: curve25519-sha256 need=64 dh_need=64
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
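Could the site staff please take another look at how this needs to be configured in order to connect?
※ Quoting wens (文思):
: Because the RSA key previously used by PTT's SSH no longer meets the current minimum length requirement, it has been replaced.
: The fingerprint of the new RSA key is as follows: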
: 3072 SHA256:9/gkjxWjuteMj//K0sRo1gj7h5qTp0HPIH3n7+e3Jqc [email protected] (RSA)
: +---[RSA 3072]----+
: | |
: | |
: | |
: | .. |
: | . Soo=+ |
: | o.*=*+o |
: | .=*B= |
: | o+BX=o oo|
: | *Bo=BEO++|
: +----[SHA256]-----+
: The current SSH key fingerprints have also been published in DNS SSHFP records.
--
※ Posted from: 批踢踢实业坊 (ptt.cc), from: 158.101.145.243 (Japan)
※ Article URL: https://webptt.com/cn.aspx?n=bbs/SYSOP/M.1728452373.A.180.html
1F:→ wens: Uh, your SSH is still on 7.4? 140.112.30.76 10/09 21:22
2F:→ wens: I can't see where the problem is; it just looks like it stalled 140.112.30.76 10/09 21:37
3F:push yvb: My version is even older, but it works fine... 60.250.129.28 10/09 22:17
4F:→ yvb: OpenSSH_7.2p2, OpenSSL 1.0.1 14 Mar 2012 60.250.129.28 10/09 22:17
5F:→ asdfghjklasd: My 9.9p1 doesn't work either. 158.101.145.243 10/09 22:34
6F:push yvb: google: expecting SSH2_MSG_KEX_ECDH_REPLY 60.250.129.28 10/09 23:31
7F:→ yvb: Try and see whether one of the approaches there can solve this problem. 60.250.129.28 10/09 23:32
8F:→ asdfghjklasd: I have googled it and tried quite a few approaches 158.101.145.243 10/10 09:09
9F:→ asdfghjklasd: Right now I'm connecting directly with xshell 158.101.145.243 10/10 09:09
10F:push a123453906: I'm stuck at the same place too 1.34.206.140 10/10 12:28
11F:→ a123453906: ssh -o KexAlgorithms=curve25519- 1.34.206.140 10/10 12:28
13F:→ a123453906: Later I added this and was able to connect 1.34.206.140 10/10 12:29
14F:→ asdfghjklasd: It works for me too after adding it. Thanks for sharing 140.238.52.217 10/10 21:48
※ Edited: asdfghjklasd (140.238.52.217 Japan), 10/10/2024 21:52:04
15F:push yvb: Looks like only CentOS has this problem. 60.250.129.28 10/15 19:17
16F:→ asdfghjklasd: I'm on Oracle Linux and ubuntu 140.238.52.217 10/20 17:51
17F:push yvb: Oh, I've never used Oracle Linux; maybe it and CentOS 60.250.129.28 10/21 19:00
18F:→ yvb: have some parts in common? 60.250.129.28 10/21 19:00
19F:→ yvb: As for ubuntu, it seems someone said earlier that there was no problem... 60.250.129.28 10/21 19:01
20F:→ yvb: I wonder which ubuntu version the OP was using when the problem occurred? 60.250.129.28 10/21 19:02
21F:→ asdfghjklasd: ubuntu 24.04.1 LTS, this version 140.238.52.217 10/27 16:13
22F:→ jyhfang: Ubuntu 24.04.1 LTS is a very common version, how strange 220.134.41.251 10/28 02:01
23F:→ jyhfang: I'll give it a try when I get the chance 220.134.41.251 10/28 02:01
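
Added example, not part of the original thread: a small Python helper for reading an `ssh -vvv` log like the one posted above. It extracts both sides' KEX lists, shows which algorithm the negotiation picks, reports whether the session stopped after the client's key exchange init, and lists the other mutually supported algorithms that could be pinned with `KexAlgorithms` while testing. The function names and the sample log are constructed for illustration.

```python
import re

# Constructed sample modelled on the log in the post (trimmed). The wrapped
# third line imitates how the page's log breaks long algorithm lists.
SAMPLE_LOG = """\
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,
ecdh-sha2-nistp256,diffie-hellman-group14-sha256,ext-info-c
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,diffie-hellman-group16-sha512,diffie-hellman-group14-sha256,ext-info-s
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256
debug1: kex: algorithm: curve25519-sha256
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
"""

def parse_kex_proposals(log):
    """Return {'client': [...], 'server': [...]} KEX lists from ssh -vvv output."""
    raw, side, collecting = {}, None, False
    for line in log.splitlines():
        line = line.strip()
        if "local client KEXINIT proposal" in line:
            side, collecting = "client", False
        elif "peer server KEXINIT proposal" in line:
            side, collecting = "server", False
        elif side and line.startswith("debug2: KEX algorithms:"):
            raw[side] = line.split(":", 2)[2]
            collecting = True
        elif collecting and not line.startswith("debug"):
            raw[side] += line  # wrapped continuation of the same list
        else:
            collecting = False
    return {s: [a.strip() for a in v.split(",") if a.strip()] for s, v in raw.items()}

def diagnose(log):
    """Summarise the negotiated KEX and whether the exchange stalled."""
    p = parse_kex_proposals(log)
    client, server = p.get("client", []), p.get("server", [])
    # RFC 4253 section 7.1: the first client algorithm the server also lists
    # is chosen (simplified: host-key compatibility conditions are ignored).
    shared = [a for a in client if a in server]
    packets = re.findall(r"debug3: (send|receive) packet: type (\d+)", log)
    # Message 30 is the client's key exchange init, 31 is the server's reply.
    stalled = ("send", "30") in packets and ("receive", "31") not in packets
    return {"negotiated": shared[0] if shared else None,
            "stalled_after_kex_init": stalled,
            "other_shared": shared[1:]}  # candidates to pin when testing

if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```
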