-
Notifications
You must be signed in to change notification settings - Fork 76
SSH with old systems
Alexander Saprykin edited this page Sep 8, 2023
·
2 revisions
Many unsupported systems run outdated SSH stack, and one may need to specify explicitly some SSH parameters to connect from outside. This can be done in two ways. First way is to specify required parameters in the host config file ~/.ssh/config to allow using insecure cryptographic algorithms:
Host xxx.xxx.xxx.xxx
KexAlgorithms +diffie-hellman-group1-sha1
Ciphers aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
User <username>
PubkeyAcceptedAlgorithms +ssh-rsa
HostkeyAlgorithms +ssh-rsa
Alternatively, one can pass all arguments to ssh or scp command: -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-dss -c aes128-cbc.