{"id":497,"date":"2018-11-14T18:09:00","date_gmt":"2018-11-14T09:09:00","guid":{"rendered":"https:\/\/wp.zassoul.com\/?p=497"},"modified":"2018-11-14T18:09:00","modified_gmt":"2018-11-14T09:09:00","slug":"ubuntuwsl-%e3%81%a7ssh%e6%8e%a5%e7%b6%9a%e3%81%a7%e3%82%a8%e3%83%a9%e3%83%bc%e3%81%8c%e5%87%ba%e3%82%8b","status":"publish","type":"post","link":"https:\/\/wp.zassoul.com\/?p=497","title":{"rendered":"ubuntu@WSL \u3067SSH\u63a5\u7d9a\u3067\u30a8\u30e9\u30fc\u304c\u51fa\u308b"},"content":{"rendered":"<p>NW\u6a5f\u5668\u3078\u306eSSH\u63a5\u7d9a\u6642\u306b\u6697\u53f7\u5316\u30cd\u30b4\u306e\u5931\u6557\u3067\u3064\u306a\u304c\u3089\u306a\u3044\u3068\u304d\u306e\u5bfe\u51e6\u6cd5\u3002<\/p>\n<pre>ubuntu:~$ ssh -l cisco 192.168.1.200<br \/>Unable to negotiate with 192.168.1.200 port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc<br \/><\/pre>\n<p>\u6697\u53f7\u5316\u65b9\u5f0f\u30c1\u30a7\u30c3\u30af\u3002<\/p>\n<pre>ubuntu:~$ ssh -Q cipher<br \/>3des-cbc<br \/>aes128-cbc<br \/>aes192-cbc<br \/>aes256-cbc<br \/>rijndael-cbc@lysator.liu.se<br \/>aes128-ctr<br \/>aes192-ctr<br \/>aes256-ctr<br \/>aes128-gcm@openssh.com<br \/>aes256-gcm@openssh.com<br \/>chacha20-poly1305@openssh.com<br \/><\/pre>\n<p>\u30b5\u30dd\u30fc\u30c8\u306f\u3057\u3066\u3044\u308b\u3002\u6709\u52b9\u5316\u3055\u308c\u3066\u3044\u306a\u3044\u306e\u304b\u3002<br \/>\u3061\u306a\u307f\u306b\u30aa\u30d7\u30b7\u30e7\u30f3 -c \u3067\u6697\u53f7\u5316\u6307\u5b9a\u3059\u308b\u3068\u884c\u3051\u308b\u3002<\/p>\n<p>Cisco\u5074\u3067\u306f\u4ee5\u4e0b\u30e1\u30c3\u30bb\u30fc\u30b8\u304c\u51fa\u3066\u3044\u305f\u3002<\/p>\n<pre> client chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com <br \/> server aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc<br \/><\/pre>\n<p>\u3084\u306f\u308a\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306e\u30aa\u30d5\u30a1\u30fc\u306bcbc\u304c\u5165\u3063\u3066\u3044\u306a\u3044\u30fb\u30fb\u30fb\u3002<\/p>\n<p>\/etc\/ssh\/ssh_config \u3092\u7de8\u96c6\u3002<\/p>\n<pre>Host *<br \/>#   ForwardAgent no<br \/>#   ForwardX11 no<br \/>#   ForwardX11Trusted yes<br \/>#   PasswordAuthentication yes<br \/>#   HostbasedAuthentication no<br \/>#   GSSAPIAuthentication no<br \/>#   GSSAPIDelegateCredentials no<br \/>#   GSSAPIKeyExchange no<br \/>#   GSSAPITrustDNS no<br \/>#   BatchMode no<br \/>#   CheckHostIP yes<br \/>#   AddressFamily any<br \/>#   ConnectTimeout 0<br \/>#   StrictHostKeyChecking ask<br \/>#   IdentityFile ~\/.ssh\/id_rsa<br \/>#   IdentityFile ~\/.ssh\/id_dsa<br \/>#   IdentityFile ~\/.ssh\/id_ecdsa<br \/>#   IdentityFile ~\/.ssh\/id_ed25519<br \/>#   Port 22<br \/>#   Protocol 2<br \/>#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc<br \/>   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc             # \u3053\u3053\u3092\u8ffd\u8a18<br \/>#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com<br \/>#   EscapeChar ~<br \/>#   Tunnel no<br \/>#   TunnelDevice any:any<br \/>#   PermitLocalCommand no<br \/>#   VisualHostKey no<br \/>#   ProxyCommand ssh -q -W %h:%p gateway.example.com<br \/>#   RekeyLimit 1G 1h<br \/>    SendEnv LANG LC_*<br \/>    HashKnownHosts yes<br \/>    GSSAPIAuthentication yes<br \/><\/pre>\n<p>\u78ba\u8a8d\u3002<\/p>\n<pre>ubuntu:~$ ssh -l cisco 192.168.1.200<br \/><br \/>Password:<br \/><\/pre>\n<p>\u3053\u308c\u3067\u3044\u3051\u308b\u3088\u3046\u306b\u306a\u3063\u305f\u3051\u3069, \u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u6709\u52b9\u5316\u3055\u308c\u3066\u3044\u308b\u3082\u306e\u3092\u78ba\u8a8d\u3059\u308b\u306b\u306f\u3069\u3046\u3057\u305f\u3089\u3044\u3044\u306e\u3060\u3002<\/p>\n<p>OpenSSH\u306e<a href=\"https:\/\/www.openssh.com\/txt\/release-7.5\" target=\"_blank\" rel=\"noopener noreferrer\">\u30ea\u30ea\u30fc\u30b9\u30ce\u30fc\u30c8<\/a>\u898b\u305f\u3089, 7.5\u304b\u3089CBC\u306f\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u7121\u52b9\u5316\u3055\u308c\u3066\u3044\u305f\u3002<br \/>ubuntu\u306eapt-get upgrade \u3067\u4e0a\u3052\u305f\u304b\u3089\u304b\u306a\uff1f<\/p>\n","protected":false},"excerpt":{"rendered":"<p>NW\u6a5f\u5668\u3078\u306eSSH\u63a5\u7d9a\u6642\u306b\u6697\u53f7\u5316\u30cd\u30b4\u306e\u5931\u6557\u3067\u3064\u306a\u304c\u3089\u306a\u3044\u3068\u304d\u306e\u5bfe\u51e6\u6cd5\u3002 ubuntu:~$ ssh -l cisco 192.168.1.200Unable to negotiate with 192.168.1.200\u2026 <span class=\"read-more\"><a href=\"https:\/\/wp.zassoul.com\/?p=497\">\u7d9a\u304d\u3092\u8aad\u3080 &raquo;<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,13,8],"tags":[],"class_list":["post-497","post","type-post","status-publish","format-standard","hentry","category-it","category-linux","category-8"],"_links":{"self":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts\/497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=497"}],"version-history":[{"count":0,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=\/wp\/v2\/posts\/497\/revisions"}],"wp:attachment":[{"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wp.zassoul.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}