| 1 |
On Mon, 11 Mar 2019 01:41:19 -0400, Philip Webb wrote: |
| 2 |
|
| 3 |
> That forum contains a solution : |
| 4 |
> |
| 5 |
> ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 123.123.123.123 |
| 6 |
> |
| 7 |
> That gets me thro' & I can do my work there. |
| 8 |
> |
| 9 |
> > Enable legacy and possible less secure key exchange formats and |
| 10 |
> > ciphers only per server and not globally |
| 11 |
> > and if possible upgrade the SSH server version. |
| 12 |
> |
| 13 |
> However, I've tried to insert an instruction in config files, |
| 14 |
> but nothing changes after a reboot. |
| 15 |
> I've tried adding to ~/.ssh/config & /etc/ssh/ssh_config : |
| 16 |
> |
| 17 |
> Host 128.100.160.1 |
| 18 |
> KexAlgorithms +diffie-hellman-group1-sha1 |
| 19 |
> |
| 20 |
> That is what seems to be required by 'man 5 ssh_config'. |
| 21 |
|
| 22 |
Try without the +, that works for me here. I have an appliance that uses |
| 23 |
outdated algorithms and this config works for me |
| 24 |
|
| 25 |
Host 1.2.3.4 |
| 26 |
Ciphers 3des-cbc |
| 27 |
KexAlgorithms diffie-hellman-group1-sha1 |
| 28 |
HostKeyAlgorithms ssh-dss |
| 29 |
|
| 30 |
|
| 31 |
-- |
| 32 |
Neil Bothwick |
| 33 |
|
| 34 |
New sig wanted good price paid. |
Archives