1191
Comment:
|
1260
|
Deletions are marked like this. | Additions are marked like this. |
Line 35: | Line 35: |
== SSH socks connection == ssh -D 1337 -q -C -N user@ma.ttias.be |
ssh
Links Linux/AddSshUserKeyOnly , Cisco/SshLogin , /Linux/Security/LoginHistory
ssh to old servers with unsecure ciphers
error received
Unable to negotiate with 10.10.10.1 port 22: no matching cipher found. Their offer: aes256-cbc,aes128-cbc,3des-cbc
Set key exchange
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@legacyhost # or in config KexAlgorithms +diffie-hellman-group1-sha1
List supported settings
- add -G to command line to see active setting
for available settings
ssh -Q cipher # List supported ciphers ssh -Q mac # List supported MACs ssh -Q key # List supported public key types ssh -Q kex # List supported key exchange algorithms
Convert putty rsa public key to openssl format
Copy rsa key into clipboard and save to /tmp/key.pub e.g.
cat - > /tmp/key.pub
for key beginning with "---- BEGIN SSH2 PUBLIC KEY ----"
ssh-keygen -i -f /tmp/key.pub ## using ssh-rsa <xxx> output from previous command $ echo "ssh-rsa <xxx> Name.Surname+Note@domain.com" | sudo tee /home/<user>/.ssh/authorized_keys
SSH socks connection
ssh -D 1337 -q -C -N user@ma.ttias.be