Translations of this page:
- 日本語 (ja)
- English (en)
最近の更新
- 02 Apache2で自己認証ssl [中間証明書の整合性確認]
最近の更新
When connecting via SSH from an older OS, there may be cases where connections cannot be made due to the following error:
From RHEL6 to RHEL8, for example,
The RHEL6 side needs to support ECDSA connections.
Although there is a need to run commands like “make,” it's possible that following 3. Update the client's SSH is the simplest solution.
$ ssh 10.10.0.25 no hostkey alg
ssh-keygen -t ecdsa -b 256
The private key and public key are these:
$ ls .ssh/id_ecdsa* .ssh/id_ecdsa .ssh/id_ecdsa.pub
You can use password authentication with this method.
If set to connect using ECDSA, the connection will be possible.
.ssh/config
Host 10.10.0.25 HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
.ssh/config
Host 10.10.10.* HostKeyAlgorithms ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
cat << __EOM__ >> /etc/ssh/sshd_config HostKeyAlgorithms +ssh-rsa PubkeyAcceptedKeyTypes +ssh-rsa __EOM__
systemctl restart ssh.service
From here, download the new version of OpenSSH.
http://ftp.jaist.ac.jp/pub/OpenBSD/OpenSSH/portable/
$ tar zxvf openssh-8.0p1.tar.gz $ cd openssh-8.0p1 $ ./configure $ make # cp ssh /usr/local/bin/ssh
Write it as an alias.
$ cat .bashrc alias ssh='/usr/local/bin/ssh' $ ssh -V OpenSSH_9.2p1, OpenSSL 1.0.2k-fips 26 Jan 2017