「ONTAP 9.16.1P1以降でssh.sshrsa.defDisabledFuture"エラーが発生する

最後の更新
PDFとして保存

Views:

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: core

Last Updated:

環境

ONTAP 9.16.1P1以降

問題

ONTAP 9.16.1P1以降で、ems.logに次のエラーが報告されます。

Message Name: ssh.sshrsa.defDisabledFuture Severity: ERROR Description: This message informs the user that future ONTAP releases will, by default, disable the "ssh-rsa (RSA/SHA-1)" form of the signature scheme used with RSA keys for host-based authentication and publickey-based user authentication. Corrective Action: To avoid future errors, do the following before upgrading to future ONTAP release, where RSA/SHA-1 will be disabled by default: 1. Upgrade previous SSH clients, using RSA/SHA-1 for host-based authentication or publickey-based user authentication to newer versions, or 2. Switch to other types of keys, both for host-based authentication and publickey-based user authentication, for example ECDSA or ED25519. If neither is possible, then in future ONTAP releases, RSA/SHA-1 can be reconfigured using the "security ssh modify" command or using the PATCH method on "/api/security/ssh" or "/api/security/ssh/svms/{svm.uuid}" REST API.