[ SSH KEY ½ÇÆÐ ]

   Á¶È¸ 6277   Ãßõ 0    

 하기와 같이, 

  SSH CLIENT(데비안) -> SSH DAEMON(라즈베리파이)간이 SSH KEY 협상 실패가 발생합니다.

  이에 대한, SSH CLIENT 또는 SERVER에서 공통지원하는 키를 추가하여 해결 하였으면 합니다.

해당 조치 내역 아시는 분의 조언 부탁 드려 봅니다.

정확히 어떠한 과정에서 실패한 건지도 궁금하긴 합니다. 꾸벅


감사합니다.


#01:/etc/init.d# ssh -vvv -p 10060 root@a.b.c.d
OpenSSH_3.8.1p1 Debian-8.sarge.6, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to a.b.c.d [a.b.c.d] port 10060.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type -1
debug3: Not a RSA1 key file /root/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Raspbian-10+deb9u3
debug1: match: OpenSSH_7.4p1 Raspbian-10+deb9u3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.6
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,************@*******.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,************@*******.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,**************@*******.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,**************@*******.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,*****************@******.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: *****************@*******.com,aes128-ctr,aes192-ctr,aes256-ctr,**********@*******.com,**********@*******.com
debug2: kex_parse_kexinit: *****************@*******.com,aes128-ctr,aes192-ctr,aes256-ctr,**********@*******.com,**********@*******.com
debug2: kex_parse_kexinit: ***********@*******.com,************@*******.com,*****************@*******.com,*****************@*******.com,*************@*******.com,*******@*******.com,********@*******.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: ***********@*******.com,************@*******.com,*****************@*******.com,*****************@*******.com,*************@*******.com,*******@*******.com,********@*******.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,****@*******.com
debug2: kex_parse_kexinit: none,****@*******.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
no kex alg <====================================================================== !!!

ªÀº±Û Àϼö·Ï ½ÅÁßÇÏ°Ô.
ÀÚ´äÇÕ´Ï´Ù.

¿ø¸®´Â ¸ð¸£Áö¸¸, Á¶Ä¡¹æ¹ýÀ¸·Î ÇϱâÀÇ ¼³Á¤À» SSH DAEMON(¶óÁ¸®ÆÄÀÌ)¿¡ Ãß°¡ ¹× SSH Àç±âµ¿ÇÏ¿© SSH Á¢¼Ó À̽´ ÇØ°áÇÏ¿´½À´Ï´Ù.

#> cat /etc/ssh/sshd_config
....
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,blowfish-cbc,aes128-cbc,3des-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1


QnA
Á¦¸ñPage 1595/5685
2015-12   1502824   ¹é¸Þ°¡
2014-05   4966431   Á¤ÀºÁØ1
2016-03   3737   ¹Ú¹Ú¼­¹æ
2016-06   3737   WyldeCat
2018-12   3737   ´ëÇѹα¹
2015-08   3737   ADUS
2021-03   3737   HP¼­¹ö
2014-09   3737   VSPress
2017-06   3737   ³ªºñz
2018-04   3737   Àü¼³¼ÓÀǹ̡¦
2019-10   3737   neo21s
2021-09   3737   Ä«·½
2017-03   3737   ¹®Åº¹1
2013-12   3737   ±è°Ç¿ì
2014-08   3737   õ¿Üõoo³ë¡¦
2017-05   3737   ±è½ÂÇö1
2015-09   3737   ±è¹ÎöGC
2018-05   3738   ¾Æ¸¶µ¥¿ì¾²
2016-08   3738   Dishy
2018-11   3738   À¸¶óÂ÷Â÷Â÷
2017-10   3738   ¼­¿ï»ç¶÷
2014-04   3738   ȲÁø¿ì