[Ovmsdev] openssh 6.7 cipher aes128-cbc
ovmsdev at caederus.org
Fri Apr 20 19:48:52 HKT 2018
On Thu, Apr 19, 2018 at 04:39:09PM -0700, Stephen Casner wrote:
> On Thu, 19 Apr 2018, Robin O'Leary wrote:
> > The log output was very brief:
> > E (43385740) ssh: Error in reception: -20
> ... If you would like to dig further, you
> can uncomment this line in components/wolfssh/component.mk and compile
> again (it may be necessary to make clean first):
> #CFLAGS += -DDEBUG_WOLFSSH
OK, so that started me on quite an adventure in to compiler errors
and git submodules, but the upshot is that wolfssh only supports
cipher aes128-cbc and openssh now has this disabled by default.
Changes since OpenSSH 6.6
* sshd(8): The default set of ciphers and MACs has been altered to
remove unsafe algorithms. In particular, CBC ciphers and arcfour*
are disabled by default.
At least for now, aes128-cbc is still supported, so I can do:
ssh -c aes128-cbc ...
or more permanently in ~/.ssh/config:
Thanks for your help pursuing this.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 181 bytes
Desc: Digital signature
More information about the OvmsDev