On Thu, Apr 19, 2018 at 04:39:09PM -0700, Stephen Casner wrote:
On Thu, 19 Apr 2018, Robin O'Leary wrote:
The log output was very brief:
E (43385740) ssh: Error in reception: -20
... If you would like to dig further, you can uncomment this line in components/wolfssh/component.mk and compile again (it may be necessary to make clean first):
#CFLAGS += -DDEBUG_WOLFSSH
OK, so that started me on quite an adventure in to compiler errors and git submodules, but the upshot is that wolfssh only supports cipher aes128-cbc and openssh now has this disabled by default. From http://www.openssh.com/txt/release-6.7: Changes since OpenSSH 6.6 ========================= Potentially-incompatible changes * sshd(8): The default set of ciphers and MACs has been altered to remove unsafe algorithms. In particular, CBC ciphers and arcfour* are disabled by default. ... At least for now, aes128-cbc is still supported, so I can do: ssh -c aes128-cbc ... or more permanently in ~/.ssh/config: Host chevaline Ciphers +aes128-cbc Thanks for your help pursuing this.