Windows下使用SSH链接到旧设备

正好今天遇到一个旧设备有点问题，须要经过SSH的方式链接上去检查。Windows 10自带了SSH命令，能够直接链接而没必要寻求其它工具的支持了。若是看不到图，请点我。

结果发现没法链接，显示协商错误。目标机器须要使用Diffie-Hellman密钥交换协议中group1-sha1的方式。因而加上参数继续链接

可是继续遇到错误，显示旧设备只支持3des-cbc的加密方式。只能再加上参数链接。
因而整条命令变成了这个：
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc root@192.168.248.216

结果，仍然有问题。显示密钥长度无效。

通过各类资料查找，发现是openssh在7.6和之后的版本中去掉了对小于1024位密钥的支持。
OpenSSH 7.6/7.6p1 (2017-10-03)
OpenSSH 7.6 was released on 2017-10-03. It is available from the
mirrors listed at https://www.openssh.com/.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.

Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html

Potentially-incompatible changes

This release includes a number of changes that may affect existing
configurations:

• ssh(1): delete SSH protocol version 1 support, associated
  configuration options and documentation.

• ssh(1)/sshd(8): remove support for the hmac-ripemd160 MAC.

• ssh(1)/sshd(8): remove support for the arcfour, blowfish and CAST
  ciphers.

• Refuse RSA keys <1024 bits in length and improve reporting for keys
  that do not meet this requirement.

• ssh(1): do not offer CBC ciphers by default.
  https://www.openssh.com/releasenotes.html

检查一下Windows 10上的SSH版本
ssh -V

已是7.7了。因此没法支持旧设备了。

找了个Linux机器，看一下SSH的版本信息。

因而，顺利连上设备。

对于命令中那么长的参数。其实能够在配置文件中指定，Windows上的配置文件位于用户配置文件目录下.ssh目录中。默认并无config文件，须要手动建立。写入如下内容：Host 192.168.248.216KexAlgorithms +diffie-hellman-group1-sha1Ciphers +3des-cbc这样就能够直接链接设备了，不过对于密钥长度的支持这个没法解决。因此对于有老旧设备的环境中也最好保留1台能够链接的设备以备不时之需。