745
Comment:
|
780
|
Deletions are marked like this. | Additions are marked like this. |
Line 2: | Line 2: |
Links [[Linux/AddSshUserKeyOnly]] , [[Cisco/SshLogin]] | Links [[Linux/AddSshUserKeyOnly]] , [[Cisco/SshLogin]] , [[/Linux/Security/LoginHistory]] |
ssh
Links Linux/AddSshUserKeyOnly , Cisco/SshLogin , /Linux/Security/LoginHistory
ssh to old servers with unsecure ciphers
error received
Unable to negotiate with 10.10.10.1 port 22: no matching cipher found. Their offer: aes256-cbc,aes128-cbc,3des-cbc
Set key exchange
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@legacyhost # or in config KexAlgorithms +diffie-hellman-group1-sha1
List supported settings
- add -G to command line to see active setting
for available settings
ssh -Q cipher # List supported ciphers ssh -Q mac # List supported MACs ssh -Q key # List supported public key types ssh -Q kex # List supported key exchange algorithms