This bug is coming up on it's TEN YEAR anniversary! HP has had 10 years to fix the broken ssh implementations in these devices. They no longer care about these older products, and even the slightly newer devices fail to support modern crypto and have other bugs.
I think this bug can continue to document work-arounds but should be tagged wontfix and no priority placed on compatibility with these old broken products. (still possible currently, but sha1, 3des, md5, cbc, etc. will eventually be disabled and will stop) Hopefully this will also serve as an example to HP and other vendors that choosing to use proprietary firmware on these devices is both inferior and not as cost effective. If they had used something like dropbear for the ssh implemention there would be no compatibility problems and they'd also have support for all the latest crypto. Here's an idea for HP: they are working on new IoT software stacks that will use FOSS technologies and prioritize security. As a demonstratation of these new software stacks, why not port them to older iLO devices first. iLO devices could be considered some of the first IoT devices :) -- Matt Taggart tagg...@debian.org