ブログ - macOSからSSHでRTX1200に接続する設定
macOSからSSHでRTX1200に接続する設定
- カテゴリ :
- ガジェット » ネットワーク機器 » YAMAHA/ヤマハ » RTX1200
- ブロガー :
- ujpblog 2023/12/26 20:06
RTX1200にSSHで接続できるようにする.
RTX1200上でホスト鍵を生成し,SSHDサービスを起動し,LAN3からのアクセスを許可する.
macOSから接続してみる.
no matching key exchange method found.(一致する鍵交換方式が見つからない)というエラーになってる.
表示によると,次の3つの鍵交換方式が選べる模様.
・diffie-hellman-group-exchange-sha1
・diffie-hellman-group14-sha1
・diffie-hellman-group1-sha1
RTX1200上でホスト鍵を生成し,SSHDサービスを起動し,LAN3からのアクセスを許可する.
[RTX1200-1]:> administrator🆑
Password:🔑
[RTX1200-1]:# sshd host key generate🆑
Generating public/private dsa key pair ...
|*******
Generating public/private rsa key pair ...
|*******
[RTX1200-1]:# sshd service on🆑
[RTX1200-1]:# sshd host lan3🆑
[RTX1200-1]:#
$ ssh 192.168.20.1 -l ujpadmin🆑
Unable to negotiate with 192.168.20.1 port 22: no matching key exchange method found. Their offer:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
$
表示によると,次の3つの鍵交換方式が選べる模様.
・diffie-hellman-group-exchange-sha1
・diffie-hellman-group14-sha1
・diffie-hellman-group1-sha1
最初の1つ目を.ssh/configファイルに記述する.
まずはconfigファイルがあるか確認.
ファイルがないことが確認できたので,次のようなファイルを作成する.
macOSからRTX1200へSSHで接続する.
無事接続できました.
しかし,diffie-hellman-group-exchange-sha1だと明らかに接続が遅いので,ゆるいセキュリティ対策でよければdiffie-hellman-group14-sha1に変更がよさそう.
まずはconfigファイルがあるか確認.
$ ls -la ~/.ssh/config🆑
ls: cannot access '/Users/ujpadmin/.ssh/config': No such file or directory
$
$ cat ~/.ssh/config🆑
Host 192.168.20.*
KexAlgorithms +diffie-hellman-group-exchange-sha1
$
$ ssh 192.168.20.1 -l ujpadmin🆑
The authenticity of host '192.168.20.1 (192.168.20.1)' can't be established.
RSA key fingerprint is SHA256:wLuAAAAAAAAqd12o2euBBBBBBBBBBBqlebDp0ywjQqs.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes🆑
Warning: Permanently added '192.168.20.1' (RSA) to the list of known hosts.
ujpadmin@192.168.20.1's password:
RTX1200 Rev.10.01.76 (Fri Apr 13 12:25:45 2018)
Copyright (c) 1994-2018 Yamaha Corporation. All Rights Reserved.
Copyright (c) 1991-1997 Regents of the University of California.
Copyright (c) 1995-2004 Jean-loup Gailly and Mark Adler.
Copyright (c) 1998-2000 Tokyo Institute of Technology.
Copyright (c) 2000 Japan Advanced Institute of Science and Technology, HOKURIKU.
Copyright (c) 2002 RSA Security Inc. All rights reserved.
Copyright (c) 1997-2010 University of Cambridge. All rights reserved.
Copyright (C) 1997 - 2002, Makoto Matsumoto and Takuji Nishimura, All rights reserved.
Copyright (c) 1995 Tatu Ylonen , Espoo, Finland All rights reserved.
Copyright (c) 1998-2004 The OpenSSL Project. All rights reserved.
Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) All rights reserved.
Copyright (c) 2006 Digital Arts Inc. All Rights Reserved.
Copyright (C) 1994-2012 Lua.org, PUC-Rio.
Copyright (c) 1988-1992 Carnegie Mellon University All Rights Reserved.
Copyright (C) 2004-2007 Diego Nehab. All rights reserved.
Copyright (c) 2005 JSON.org
AAAAAAAAAAAA, BBBBBBBBBBBBB, CCCCCCCCCCCCCCC
Memory 128Mbytes, 3LAN, 1BRI
[RTX1200-1]:>
しかし,diffie-hellman-group-exchange-sha1だと明らかに接続が遅いので,ゆるいセキュリティ対策でよければdiffie-hellman-group14-sha1に変更がよさそう.
