paramiko 不兼容的 ssh 对等点(没有可接受的 kex 算法)
尝试使用 paramiko 库通过 ssh 连接到 Cisco ACS 设备时出现以下错误。我在 python 中使用 paramiko 没有问题,我可以从命令行 ssh 到这个框,或者使用 putty 没有问题。我已打开调试并复制了此处的信息。如果您能帮助我,请告诉我。
import paramiko
import sys
import socket
try:
paramiko.common.logging.basicConfig(level=paramiko.common.DEBUG)
sshConnection = paramiko.SSHClient()
sshConnection.set_missing_host_key_policy(paramiko.AutoAddPolicy())
sshConnection.connect('server',username='username',password='password')
except paramiko.BadAuthenticationType:
sys.stdout.write('Bad Password!\n')
sys.exit()
except paramiko.SSHException, sshFail:
sys.stdout.write('Connection Failed!\n')
sys.stdout.write('%s\n' % sshFail)
sys.exit()
except socket.error, socketFail:
sys.stdout.write('Failed to open socket\n')
sys.stdout.write('%s\n' % socketFail)
sys.exit()
并返回调试输出:
DEBUG:paramiko.transport:starting thread (client mode): 0x14511d0L
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_5.3)
DEBUG:paramiko.transport:kex algos:['diffie-hellman-group14-sha1'] server key:['ssh-rsa'] client encrypt:['aes256-cbc', 'aes128-cbc', '3des-cbc'] server encrypt:['aes256-cbc', 'aes128-cbc', '3des-cbc'] client mac:['hmac-sha1'] server mac:['hmac-sha1'] client compress:['none', '[email protected]'] server compress:['none', '[email protected]'] client lang:[''] server lang:[''] kex follows?False
ERROR:paramiko.transport:Exception: Incompatible ssh peer (no acceptable kex algorithm)
ERROR:paramiko.transport:Traceback (most recent call last):
ERROR:paramiko.transport: File "build\bdist.win32\egg\paramiko\transport.py", line 1546, in run
ERROR:paramiko.transport: self._handler_table[ptype](self, m)
ERROR:paramiko.transport: File "build\bdist.win32\egg\paramiko\transport.py", line 1618, in _negotiate_keys
ERROR:paramiko.transport: self._parse_kex_init(m)
ERROR:paramiko.transport: File "build\bdist.win32\egg\paramiko\transport.py", line 1731, in _parse_kex_init
ERROR:paramiko.transport: raise SSHException('Incompatible ssh peer (no acceptable kex algorithm)')
ERROR:paramiko.transport:SSHException: Incompatible ssh peer (no acceptable kex algorithm)
ERROR:paramiko.transport:
Connection Failed!
Incompatible ssh peer (no acceptable kex algorithm)
我已确保安装了最新版本的 pycrypto 和 paramiko。
I'm getting the following error when trying to ssh to a Cisco ACS device using the paramiko library. I've used paramiko in python without issue, and I can ssh to this box from the command line, or using putty without issue. I've turned on debugging and copied the info here. Please let me know if you can help me out.
import paramiko
import sys
import socket
try:
paramiko.common.logging.basicConfig(level=paramiko.common.DEBUG)
sshConnection = paramiko.SSHClient()
sshConnection.set_missing_host_key_policy(paramiko.AutoAddPolicy())
sshConnection.connect('server',username='username',password='password')
except paramiko.BadAuthenticationType:
sys.stdout.write('Bad Password!\n')
sys.exit()
except paramiko.SSHException, sshFail:
sys.stdout.write('Connection Failed!\n')
sys.stdout.write('%s\n' % sshFail)
sys.exit()
except socket.error, socketFail:
sys.stdout.write('Failed to open socket\n')
sys.stdout.write('%s\n' % socketFail)
sys.exit()
and the debug output returned:
DEBUG:paramiko.transport:starting thread (client mode): 0x14511d0L
INFO:paramiko.transport:Connected (version 2.0, client OpenSSH_5.3)
DEBUG:paramiko.transport:kex algos:['diffie-hellman-group14-sha1'] server key:['ssh-rsa'] client encrypt:['aes256-cbc', 'aes128-cbc', '3des-cbc'] server encrypt:['aes256-cbc', 'aes128-cbc', '3des-cbc'] client mac:['hmac-sha1'] server mac:['hmac-sha1'] client compress:['none', '[email protected]'] server compress:['none', '[email protected]'] client lang:[''] server lang:[''] kex follows?False
ERROR:paramiko.transport:Exception: Incompatible ssh peer (no acceptable kex algorithm)
ERROR:paramiko.transport:Traceback (most recent call last):
ERROR:paramiko.transport: File "build\bdist.win32\egg\paramiko\transport.py", line 1546, in run
ERROR:paramiko.transport: self._handler_table[ptype](self, m)
ERROR:paramiko.transport: File "build\bdist.win32\egg\paramiko\transport.py", line 1618, in _negotiate_keys
ERROR:paramiko.transport: self._parse_kex_init(m)
ERROR:paramiko.transport: File "build\bdist.win32\egg\paramiko\transport.py", line 1731, in _parse_kex_init
ERROR:paramiko.transport: raise SSHException('Incompatible ssh peer (no acceptable kex algorithm)')
ERROR:paramiko.transport:SSHException: Incompatible ssh peer (no acceptable kex algorithm)
ERROR:paramiko.transport:
Connection Failed!
Incompatible ssh peer (no acceptable kex algorithm)
I've made sure I have the most recent versions of pycrypto and paramiko installed.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
我在服务器端使用 Debian 8 和 OpenSSH 时遇到了类似的问题。
作为快速修复,服务器端的以下 Cipher/MACs/KexAlgorithms 设置修复了该问题:
在 /etc/ssh/sshd_config 中:
不过...您应该从安全角度分析这些设置看法。我把它设置在实验室环境中,所以没有关心它。
也不确定是否可以通过这种方式修改 Cisco ACS
I was having similar issue with Debian 8 and OpenSSH on the server side.
As a quick fix, the following Cipher/MACs/KexAlgorithms settings on the server side fixes the issue:
In /etc/ssh/sshd_config:
Though... you should analyze those settings from the security point of view. I set it in lab env, so didn't take care about it.
Also not sure if you can modify it in this way for Cisco ACS
我升级了 paramiko 来解决问题:
我更新的 paramiko 版本是:
paramiko==2.0.2I upgraded the paramiko to fix the problem:
My updated version of paramiko is:
paramiko==2.0.2尝试使用 paramiko ssh 到 Aruba 设备时出现以下错误:
执行 paramiko 升级解决了此问题:
I was getting the following error when trying to ssh to an Aruba device using paramiko:
Doing a paramiko upgrade resolved this issue:
如果其他人在使用
pip install paramiko --upgrade升级后仍然遇到此问题,请确保您没有在系统范围内安装 paramiko,因为它将在 pip 之前加载,您可以使用 dpkg -l | 检查它grep paramiko,如果已安装,请将其删除并通过 pip 安装。In case anyone else is still having this issue even after upgrading using
pip install paramiko --upgrade, be sure you don't have paramiko installed system wide, because it will be loaded before the pip ones, you can check it withdpkg -l | grep paramiko, if it's installed remove it and install through pip.对我来说,我升级了 paramiko 的版本并解决了问题。具体来说,我最初通过 Ubuntu 14.04 python-paramiko 软件包安装了 paramiko,并使用 pip 将其替换为最新版本(1.10 -> 1.16)。
For me, I upgraded the version of paramiko and it resolved things. Specifically, I originally installed paramiko via the Ubuntu 14.04 python-paramiko package and replaced it with the latest using pip (1.10 -> 1.16).
该错误是在您的 paramiko 版本不支持使用您要连接的设备的密钥交换算法的情况下出现的。
在 paramiko 日志中,您可以看到连接的密钥交换算法。
因此,我建议升级到最新的 paramiko 版本,例如 2018 年的 2.4.2。此版本支持 sha1 和 sha2 密钥交换算法。
That error is in a situation where your version of paramiko does not support the key exchange algorithms that is using the device you want to connect.
In the paramiko logs you can see the key exchange algos of your connection.
So I recommend to upgrade to a recent paramiko version, for example 2.4.2 for 2018. In this version is supported sha1 and sha2 for key exchange algorithms.
这可能对OP的情况没有帮助,但希望它可以帮助其他有同样错误的人。
我遇到了一种情况,一个脚本可以很好地通过 SSH 连接到系统,但另一个类似的脚本会失败并出现相同的
错误。
事实证明,这种情况就像我剧本顶部的那句台词:
会失败,但
会成功。
我在系统上使用 virtualenvs,因此失败的
/usr/bin/python版本使用的是系统上安装的较旧的 Paramiko 版本,而/usr/bin/env python< /code> 版本在我的 virtualenv 中使用较新的 Paramiko 安装。This may not help the OP's situation, but hopefully it may help someone else with the same error.
I ran into a situation where one script would SSH into a system just fine, but another similar script would fail with the same
error.
The situation turned out to be the shebang line at the top of my script:
Would fail, while
would succeed.
I'm using virtualenvs on my system, so the failing
/usr/bin/pythonversion was using the older Paramiko version installed on the system, whereas the/usr/bin/env pythonversion was using the newer Paramiko installation in my virtualenv.我最近在将服务器从 Ubuntu 20 更新到 22 以及不同的 VPS 提供商时遇到了这个问题。手动 SSH 很好,没有任何改变,但 paramiko 破坏了我的脚本。
在本地,我的 python 3.8 venv 有:
paramiko 2.8.1在通常的连接调用中:
我收到:
paramiko.ssh_exception.SSHException:不兼容的 ssh 对等(没有可接受的主机密钥)正如Romaan 早先所说的,我需要的是:
只是想说明一下他的回答对我的背景很有帮助,表明它仍然具有相关性。
I recently came across this as I updated my server from Ubuntu 20 to 22, and a different VPS provider. Manual SSH was fine, nothing had changed, but paramiko was breaking my scripts.
Locally, my python 3.8 venv had:
paramiko 2.8.1At the usual call to connect:
I received:
paramiko.ssh_exception.SSHException: Incompatible ssh peer (no acceptable host key)As Romaan said much earlier all I needed was:
Just wanted to illustrate his helpful answer with my context to show it is still relevant.