On Wed, Nov 1, 2017 at 7:58 PM, Greg Wooledge wrote:
> The directives that work in ~/.ssh/config also work in /etc/ssh/ssh_config
> and this includes the Host matching stuff.
>
> As it says in the man page,
>
> SYNOPSIS
> ~/.ssh/config
> /etc/ssh/ssh_config
>
> Since you only want to us
On Wed, Nov 01, 2017 at 07:40:40PM +, Glenn English wrote:
> I didn't create the ~/.ssh/config file because I wanted ssh to work
> for me, no matter who I logged in as or su'ed to. I realize (or think,
> anyway) that's going to open my admin box to the darkSide. I need to
> think about that.
T
On Wed, Nov 1, 2017 at 12:47 AM, Sven Hartge wrote:
> No, this is not the solution, as this will a) set this for every
> connection and b) restrict the Cipher list to *only* this insecure
> cipher.
>
> Please read "man ssh_config". The Ciphers statement recognizes + and -
> as prefixes to add or
Glenn English wrote:
> On Wed, Nov 1, 2017 at 12:47 AM, Sven Hartge wrote:
>> What do you mean? Just create ~/.ssh/config and put a Host statement
>> like above inside it.
> No prob, and will do. I'm used to ssh creating files in config
> directories for me.
OpenSSH never did that for config f
On Wed, Nov 1, 2017 at 12:47 AM, Sven Hartge wrote:
> There are. Both sides exchange a symmetric session key to use for the
> connection. The public/private key which can be used with SSH has
> nothing to do with this.
Yeah. That what I thought it was all about -- the login keys.
> What do you
On Tue, 31 Oct 2017, Glenn English wrote:
> On Tue, Oct 31, 2017 at 9:45 PM, Don Armstrong wrote:
> > Host cisco1841
> > KexAlgorithms diffie-hellman-group1-sha
> > Ciphers aes128-cbc,3des-cbc
> > MACs hmac-md5,hmac-sha1
> >
> > in your ~/.ssh/config and then connect to the machine
Glenn English wrote:
> On Tue, Oct 31, 2017 at 9:45 PM, Don Armstrong wrote:
>> It's ~/.ssh/config.
> Typo, please excuse.
>> That's the Key-exchange algorithm.
> That kinda makes sense. It sounds like that has nothing to do with the
> problem, since there are no keys involved here.
There ar
Take it back. Doesn't work anywhere but the router. FYI...
--
Glenn English
On Tue, Oct 31, 2017 at 9:45 PM, Don Armstrong wrote:
> It's ~/.ssh/config.
Typo, please excuse.
> That's the Key-exchange algorithm.
That kinda makes sense. It sounds like that has nothing to do with the
problem, since there are no keys involved here.
> Generally, what happens is that older
On Tue, 31 Oct 2017, Glenn English wrote:
> So I looked around a bit, and the openssh website says that's a
> insecure algorithm, but I can enable it if I want to by putting some
> text in ~/.ssh.config. Except there is no ~/.ssh.config. I created one
> and put what I think is the recommended text
10 matches
Mail list logo
