ずっと昔の Linux マシンに ssh しようとしたらエラー。
$ ssh 192.168.0.5
Unable to negotiate with 192.168.0.5 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
環境
接続元は Ubuntu 22.04 LTS Ja 版 で
$ ssh -V
OpenSSH_8.9p1 Ubuntu-3, OpenSSL 3.0.2 15 Mar 2022
でした。
背景
https://www.openssh.com/txt/release-8.8
によると、
Potentially-incompatible changes
This release disables RSA signatures using the SHA-1 hash algorithm
by default. This change has been made as the SHA-1 hash algorithm is
cryptographically broken, and it is possible to create chosen-prefix
hash collisions for <USD$50K [1]For most users, this change should be invisible and there is
no need to replace ssh-rsa keys. OpenSSH has supported RFC8332
RSA/SHA-256/512 signatures since release 7.2 and existing ssh-rsa keys
will automatically use the stronger algorithm where possible.Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
options. For example, the following stanza in ~/.ssh/config will enable
RSA/SHA1 for host and user authentication for a single destination host:Host old-host HostkeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsaWe recommend enabling RSA/SHA1 only as a stopgap measure until legacy
implementations can be upgraded or reconfigured with another key type
(such as ECDSA or Ed25519).[1] "SHA-1 is a Shambles: First Chosen-Prefix Collision on SHA-1 and
Application to the PGP Web of Trust" Leurent, G and Peyrin, T
(2020) https://eprint.iacr.org/2020/014.pdf
とあります。
一時的な対応
$ ssh -oHostKeyAlgorithms=+ssh-dss 192.168.0.5
または
$ ssh -oHostKeyAlgorithms=+ssh-rsa 192.168.0.5
で接続する。
(2023/04/17 追記)
@mizuhof さんよりコメントをいただきました。 @mizuhof
さんの環境では以下のようにする必要があったそうです
$ ssh -oHostKeyAlgorithms=+ssh-rsa -oPubkeyAcceptedAlgorithms=ssh-dss,ssh-rsa 192.168.0.5
@mizuhof さん、ありがとうございました。
(2023/04/07 追記 ここまで)
もし
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the DSA key sent by the remote host is
.
.
.
というメッセージが出てきた場合は以下のようにして known_hosts から削除します。
$ ssh-keygen -R 192.168.0.5
config での対応
リリースノートにあるように ~/.ssh/config 内に
Host 192.168.0.5
HostKeyAlgorithms ssh-dss,ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
と書けば接続できるようになります。