[Ovmsdev] ssh documentation

Stephen Casner casner at acm.org
Sun Feb 13 08:02:37 HKT 2022


> Currently the documentation says:
>     https://docs.openvehicles.com/en/latest/userguide/console.html
>     With OpenSSH version 6.6 (or later), cipher aes128-cbc has been
>     disabled by default and needs to be enabled manually
> but this does not appear to be needed with the version of wolfssh we're
> currently using. My FreeBSD desktop has OpenSSH 7.9p1 in the base system and
> "/usr/bin/ssh -F /dev/null ovms-z.alameda.xse.com" (i.e. no config file) works
> fine.

You're right, this was a case of documentation not being updated to
match the code.  The update to WolfSSH 1.4.5 and WolfSSL 4.6.0 removed
this restriction.  That occurred a year ago (January 2021).

> Meanwhile, OpenSSH 8.8 (which I've been using via the ports system since
> October) disables ssh-rsa by default so I had to add something simlar to:
>     Host ovmsname.local
>         HostkeyAlgorithms +ssh-rsa
>         PubkeyAcceptedAlgorithms +ssh-rsa
> to my .ssh/config. If someone would confirm my understanding of the current
> state is correct, I'd be happy to generate a PR to update the doc.

That is also correct.  I believe the code as currently configured
requires an RSA key.  I see "NO_DSA" included in the user_settings.h
that might be OK to remove.  Some of the configuration trimming was to
save space and some was to avoid the need for the slow calculations.

Thanks for updating documentation.

                                                        -- Steve

More information about the OvmsDev mailing list