20 Apr
2018
20 Apr
'18
7:48 p.m.
On Thu, Apr 19, 2018 at 04:39:09PM -0700, Stephen Casner wrote:
On Thu, 19 Apr 2018, Robin O'Leary wrote:
The log output was very brief:
E (43385740) ssh: Error in reception: -20
... If you would like to dig further, you can uncomment this line in components/wolfssh/component.mk and compile again (it may be necessary to make clean first):
#CFLAGS += -DDEBUG_WOLFSSH
OK, so that started me on quite an adventure in to compiler errors and git submodules, but the upshot is that wolfssh only supports cipher aes128-cbc and openssh now has this disabled by default. From http://www.openssh.com/txt/release-6.7:
Changes since OpenSSH 6.6
=========================
Potentially-incompatible changes
* sshd(8): The default set of ciphers and MACs has been altered to
remove unsafe algorithms. In particular, CBC ciphers and arcfour*
are disabled by default.
...At least for now, aes128-cbc is still supported, so I can do:
ssh -c aes128-cbc ...or more permanently in ~/.ssh/config:
Host chevaline
Ciphers +aes128-cbcThanks for your help pursuing this.