試著用 ssh_setup 設定多台 Server 間的 ssh key,有個錯誤是這樣的:
[server@www ~]# ssh-keygen -R aaa.bbb.ccc.ddd
line 63 invalid key: aaa.bbb.ccc.ddd...
/server/.ssh/known_hosts is not a valid known_host file.
Not replacing existing known_hosts file because of errors
You have new mail in /var/spool/mail/server
它認為第 63 行是不合法的:
aaa.bbb.ccc.ddd ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTIt....
aaa.bbb.ccc.ddd ssh-rsa AAAAB3Nza....
其中含 ecdsa-sha2-nistp256 是 script 寫進來的,它來自一台比較新的 ec2 server,而出問題的電腦裝的是 Fedora Core 8。
分別查詢 man ssh_config 可以知兩者支援的 HostKeyAlgorithms 有何不同:
HostKeyAlgorithms
Specifies the protocol version 2 host key algorithms that the client wants to use in order of preference. The default for this option is:
[email protected],
[email protected],
[email protected],
[email protected],[email protected],
[email protected],[email protected],
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
ssh-rsa,ssh-dss
HostKeyAlgorithms
Specifies the protocol version 2 host key algorithms that the client wants to use in order of preference. The default for this option is: “ssh-rsa,ssh-dss”.
看來要符合 2 台都支援,只能選用 ssh-rsa 或 ssh-dss 的格式。