1 |
On Mon, 11 Mar 2019 01:41:19 -0400, Philip Webb wrote: |
2 |
|
3 |
> That forum contains a solution : |
4 |
> |
5 |
> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 123.123.123.123 |
6 |
> |
7 |
> That gets me thro' & I can do my work there. |
8 |
> |
9 |
> > Enable legacy and possible less secure key exchange formats and |
10 |
> > ciphers only per server and not globally |
11 |
> > and if possible upgrade the SSH server version. |
12 |
> |
13 |
> However, I've tried to insert an instruction in config files, |
14 |
> but nothing changes after a reboot. |
15 |
> I've tried adding to ~/.ssh/config & /etc/ssh/ssh_config : |
16 |
> |
17 |
> Host 128.100.160.1 |
18 |
> KexAlgorithms +diffie-hellman-group1-sha1 |
19 |
> |
20 |
> That is what seems to be required by 'man 5 ssh_config'. |
21 |
|
22 |
Try without the +, that works for me here. I have an appliance that uses |
23 |
outdated algorithms and this config works for me |
24 |
|
25 |
Host 1.2.3.4 |
26 |
Ciphers 3des-cbc |
27 |
KexAlgorithms diffie-hellman-group1-sha1 |
28 |
HostKeyAlgorithms ssh-dss |
29 |
|
30 |
|
31 |
-- |
32 |
Neil Bothwick |
33 |
|
34 |
New sig wanted good price paid. |