Tuesday, June 25, 2019

ssh refusing connection with message “no hostkey alg”

Pengalaman waktu install salah satu server di kantor, waktu dicoba untuk di ssh dari komputer/server lain munculnya:

[root@server1 ~]# ssh 192.168.1.254
no hostkey alg
[root@server1 ~]#

Coba2 googling rata2 disarankan untuk generate ulang key dgn cara spt ini:

~# ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
~# ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
Ternyata tidak berhasil juga.


Akhirnya penasaran coba dibandingkan file2 yg ada di directory /etc/ssh, ternyata ada perbedaan permission file nya. Di server2 yg nggak bisa di ssh permission nya spt ini:

[root@server2 ~]# ls -la /etc/ssh/
total 328
drwxr-xr-x.  3 root root       4096 Jun 25 00:08 .
drwxr-xr-x. 96 root root      12288 Jun 10 15:16 ..
drwxr-xr-x.  2 root root       4096 Dec 14  2018 bak
-rw-r--r--.  1 root root     242153 Nov 12  2016 moduli
-rw-r--r--.  1 root root       2208 Nov 12  2016 ssh_config
-rw-------.  1 root root       4358 Jun 25 00:08 sshd_config
-rw-------.  1 root root      16384 Jun 25 00:08 .sshd_config.swp
-rwxrwxrwx.  1 root root        668 Jun 25 00:03 ssh_host_dsa_key
-rwxrwxrwx.  1 root root        609 Jun 25 00:03 ssh_host_dsa_key.pub
-rw-r-----.  1 root ssh_keys    227 Dec 14  2018 ssh_host_ecdsa_key
-rw-r--r--.  1 root root        162 Dec 14  2018 ssh_host_ecdsa_key.pub
-rw-r-----.  1 root ssh_keys    387 Dec 14  2018 ssh_host_ed25519_key
-rw-r--r--.  1 root root         82 Dec 14  2018 ssh_host_ed25519_key.pub
-rwxrwxrwx.  1 root root        963 Apr 18  2011 ssh_host_key
-rwxrwxrwx.  1 root root        627 Apr 18  2011 ssh_host_key.pub
-rw-------.  1 root root       1679 Jun 25 00:02 ssh_host_rsa_key
-rwxrwxrwx.  1 root root        401 Jun 25 00:02 ssh_host_rsa_key.pub
Padahal di server1 yang normal, permission file nya spt ini:

[root@server1 ~]# ls -la /etc/ssh/
total 328
drwxr-xr-x.  3 root root       4096 Jun 25 00:08 .
drwxr-xr-x. 96 root root      12288 Jun 10 15:16 ..
drwxr-xr-x.  2 root root       4096 Dec 14  2018 bak
-rw-r--r--.  1 root root     242153 Nov 12  2016 moduli
-rw-r--r--.  1 root root       2208 Nov 12  2016 ssh_config
-rw-------.  1 root root       4358 Jun 25 00:08 sshd_config
-rw-------.  1 root root      16384 Jun 25 00:08 .sshd_config.swp
-rw-------.  1 root root        668 Jun 25 00:03 ssh_host_dsa_key
-rw-r--r--.  1 root root        609 Jun 25 00:03 ssh_host_dsa_key.pub
-rw-r-----.  1 root ssh_keys    227 Dec 14  2018 ssh_host_ecdsa_key
-rw-r--r--.  1 root root        162 Dec 14  2018 ssh_host_ecdsa_key.pub
-rw-r-----.  1 root ssh_keys    387 Dec 14  2018 ssh_host_ed25519_key
-rw-r--r--.  1 root root         82 Dec 14  2018 ssh_host_ed25519_key.pub
-rw-------.  1 root root        963 Apr 18  2011 ssh_host_key
-rw-r--r--.  1 root root        627 Apr 18  2011 ssh_host_key.pub
-rw-------.  1 root root       1679 Jun 25 00:02 ssh_host_rsa_key
-rw-r--r--.  1 root root        401 Jun 25 00:02 ssh_host_rsa_key.pub

Akhirnya setelah permission file di server2 disamakan dengan server1, alhamdulillah sudah bisa di ssh.. yay! Jadi pastikan file permission untuk ssh_host_* adalah 600 dan file ssh_host_*.pub adalah 644

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

install php 8.1 & MariaDB on CentOS 7

yum-config-manager --disable 'remi-php*' yum-config-manager --enable remi-php81 yum install php vim /etc/yum.repos.d/MariaDB....