搜索了好久发现是更新到openssh8.9P1之后的问题(Ubuntu 22.04.1的源已经更新到此版本)
这个其实是新版本openssh弃用了RSA/SHA1密钥算法导致老旧客户端无法识别
先附上一段官方说明: #感谢jumpserver官方开发人员的解说
Incompatibility is more likely when connecting to older SSH
implementations that have not been upgraded or have not closely tracked
improvements in the SSH protocol. For these cases, it may be necessary
to selectively re-enable RSA/SHA1 to allow connection and/or user
authentication via the HostkeyAlgorithms and PubkeyAcceptedAlgorithms
options. For example, the following stanza in ~/.ssh/config will enable
RSA/SHA1 for host and user authentication for a single destination host:
Host old-host
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
需要在服务器端的/etc/ssh/sshd_config配置中增加
HostkeyAlgorithms +ssh-rsa PubkeyAcceptedAlgorithms +ssh-rsa 重启systemctl restart sshd 即可
也可以单独修改客户端的配置,让其可以连接服务器
vi /etc/ssh/ssh_config #增加如下内容
PubkeyAcceptedKeyTypes=+ssh-rsa
|
|
运维要高效,装宝塔
