[Ovmsdev] ssh documentation
Stephen Casner
casner at acm.org
Sun Feb 13 08:02:37 HKT 2022
Craig,
> Currently the documentation says:
>
> https://docs.openvehicles.com/en/latest/userguide/console.html
>
> With OpenSSH version 6.6 (or later), cipher aes128-cbc has been
> disabled by default and needs to be enabled manually
>
> but this does not appear to be needed with the version of wolfssh we're
> currently using. My FreeBSD desktop has OpenSSH 7.9p1 in the base system and
> "/usr/bin/ssh -F /dev/null ovms-z.alameda.xse.com" (i.e. no config file) works
> fine.
You're right, this was a case of documentation not being updated to
match the code. The update to WolfSSH 1.4.5 and WolfSSL 4.6.0 removed
this restriction. That occurred a year ago (January 2021).
> Meanwhile, OpenSSH 8.8 (which I've been using via the ports system since
> October) disables ssh-rsa by default so I had to add something simlar to:
>
> Host ovmsname.local
> HostkeyAlgorithms +ssh-rsa
> PubkeyAcceptedAlgorithms +ssh-rsa
>
> to my .ssh/config. If someone would confirm my understanding of the current
> state is correct, I'd be happy to generate a PR to update the doc.
That is also correct. I believe the code as currently configured
requires an RSA key. I see "NO_DSA" included in the user_settings.h
that might be OK to remove. Some of the configuration trimming was to
save space and some was to avoid the need for the slow calculations.
Thanks for updating documentation.
-- Steve
More information about the OvmsDev
mailing list