NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: bin/49297: openssh update broke sshd
On Tue, Oct 21, 2014 at 09:02:17AM -0400, Christos Zoulas wrote:
> Yes, they removed a whole bunch of ciphers because they are not supporting
> them anymore. We could either consider bringing them back, or you need to
> upgrade your windows ssh to something newer.
Indeed, and the log messages were only partly helpfull (the cipher string
was loged, but the key exchange I had to trial&error).
For the record, adding this to /etc/ssh/sshd_conf worked around it for me:
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm%openssh.com@localhost,aes256-gcm%openssh.com@localhost,chacha20-poly1305%openssh.com@localhost,aes128-cbc
KexAlgorithms curve25519-sha256%libssh.org@localhost,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
I wonder how we best should document the issue to avoid folks locking them
out accidently on update.
Martin
Home |
Main Index |
Thread Index |
Old Index