基于openEuler-24.03-LTS-SP1-x86_64测试国密SSH登录,遇到如下报错:
[root@node ~]# ssh -o HostKeyAlgorithms=sm2 -o PubkeyAcceptedKeyTypes=sm2 -o Ciphers=sm4-ctr -o MACs=hmac-sm3 -o KexAlgorithms=sm2-sm3 root@192.168.20.103
Unable to negotiate with 192.168.20.103 port 22: no matching host key type found. Their offer: rsa-sha2-512,rsa-sha2-256,ssh-ed25519
在OpenSSH server做了如下配置
Ciphers sm4-ctr,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
MACs hmac-sm3,hmac-sha2-512,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha2-256-etm@openssh.com
KexAlgorithms sm2-sm3,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
HostKeyAlgorithms sm2,ssh-ed25519,ssh-ed25519-cert-v01@openssh.com,rsa-sha[2-25](javascript:;)6,rsa-sha2-512
除此之外,还需要其他配置吗?