1 |
190311 Neil Bothwick + Mick wrote: |
2 |
NB> Try without the +, that works for me here. I have an appliance |
3 |
> that uses outdated algorithms and this config works for me |
4 |
> Host 1.2.3.4 |
5 |
> Ciphers 3des-cbc |
6 |
> KexAlgorithms diffie-hellman-group1-sha1 |
7 |
> HostKeyAlgorithms ssh-dss |
8 |
|
9 |
I tried adding the 2 extra lines to ~/.ssh/config , but no joy. |
10 |
I didn't reboot, but it's not clear that that would make any difference. |
11 |
|
12 |
M> As I understand it the "+" merely adds one more cipher to the collection. |
13 |
> This is probably safer. If the server has been updated |
14 |
> and non-legacy key exchange algorithms are now available they can be used. |
15 |
> Without "+" the directive for the client is exclusive : |
16 |
> only use this algorithm and nothing else. |
17 |
|
18 |
That's what the 'man' says. |
19 |
|
20 |
NB> That's how I read it, but it says it appends to the list, |
21 |
> so this is the last option tried, |
22 |
> while an earlier one could possibly be triggering the failure. |
23 |
> With + would be better, but it would be worth trying without. |
24 |
|
25 |
I tried both & neither gets Ssh to recognise the config. |
26 |
|
27 |
This is a puzzle : are they any other suggestions ? |
28 |
|
29 |
-- |
30 |
========================,,============================================ |
31 |
SUPPORT ___________//___, Philip Webb |
32 |
ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto |
33 |
TRANSIT `-O----------O---' purslowatchassdotutorontodotca |