Unable to negotiate with xxx: no matching MAC found
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Unable to negotiate with xxx: no matching MAC found相关的知识,希望对你有一定的参考价值。
参考技术A 在CentOS7上在用ansible部署OpenStack AIO环境时,遇到以下报错:fatal: [aio1]: UNREACHABLE! => "changed": false, "msg": "Failed to connect to the host via ssh: Unable to negotiate with 172.29.236.100 port 22: no matching MAC found. Their offer: hmac-sha2-256,hmac-sha2-512\r\n", "unreachable": true
尝试在该服务器上SSH 127.0.0.1,报错如下:
1Unable to negotiate with 127.0.0.1 port 22: no matching MAC found. Their offer: hmac-sha2-256,hmac-sha2-512
但在我的macbook上,去SSH这个服务器是正常的。
于是通过ssh -vvv 看了下 debug信息,发现macbook上有部分信息与该服务器上执行ssh -vvv是不一样的:
macbook ssh服务器:
debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512
服务器ssh本地:
debug2: MACs ctos: hmac-sha1
debug2: MACs stoc: hmac-sha1
于是查看服务器上的ssh配置,在/etc/ssh/ssh_config上发现:
MACs hmac-sha1
没有hmac-sha2-256等信息,将这一行修改为:
MACs hmac-sha1, hmac-sha2-256, hmac-sha2-512
问题解决。
记录Git Unable to negotiate with xxx... 问题
最近升级了 Git, 发现 Push、Pull 不了了, 上网查了下,是 openSSH8.8 不支持RSA算法,而git服务器只支持RSA,所以和服务器连接不上,本质上是加密算法的问题。
所以就算重新生成密钥 ,也是会有问题的,因为你生成密钥肯定是拿到Git服务器上,那就RSA,而openSSH 不支持,所以没用。
解决: 让连接支持 RSA 算法,进入到 C\\user\\username.ssh 中,如果没有则创建一个 config
文件,进入后,配置下面信息
Host git@HostName
// 下面是新增的配置
HostkeyAlgorithms +ssh-rsa
PubkeyAcceptedAlgorithms +ssh-rsa
以上是关于Unable to negotiate with xxx: no matching MAC found的主要内容,如果未能解决你的问题,请参考以下文章
记录Git Unable to negotiate with xxx... 问题
Unable to negotiate with xx.xxx.xxxx port 22: no matching host key type found. Their offer: ssh-rsa(
SSH_Unable to negotiate with 192.168.1.152 port 22: nomatching host host key type found. Their offer
Unable to negotiate with xxxxport 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
Unable to negotiate with XXXX port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
fiddler 502 System.Security.SecurityException Failed to negotiate HTTPS connection with server.fid