From what I read in the release notes on openssh.com, dsa and rsa and a
whole bunch of other ciphers were depricated. The ssh-keygen program
and man page both need updating to reflect these changes. In the past,
I had generated a key set then copied the key up using ssh-copy-id and I
was able to log in after that with ssh. One thing I don't quite
understand in the release notes is a public key (my guess is generated
by gnupg) will be needed to use openssh at all. I hope not since gpg is
its own drum of worms and it wasn't explained how to integrate the keys
in those release notes either unless I heard the explanation and didn't
understand it.
On Tue, 18 Aug 2015, Tony Baechler wrote:
Date: Tue, 18 Aug 2015 05:11:17
From: Tony Baechler <tony@xxxxxxxxxxxx>
Reply-To: Linux for blind general discussion <blinux-list@xxxxxxxxxx>
To: Linux for blind general discussion <blinux-list@xxxxxxxxxx>
Subject: Re: openssh update broke connectivity
OK, shellworld was the wrong host, but the information still applies. Even
generating new keys might not solve the problem. You probably have to edit
ssh_config to allow the weaker cyphers or downgrade your ssh client. I would
suggest asking them to upgrade their sshd or to generate stronger host keys.
The change log clearly explains this in much more detail.
No, you should be able to use password authentication, so you should not use
plain, unsecure ftp except in an emergency. That's assuming they allow
password authentication which is the default in most cases. You can still
use rsync or ssh to connect with a regular password. Since it won't connect
and isn't asking you for a password, this makes me think the problem is with
their sshd using weaker cyphers and there probably isn't much you can do
about it except write to them and explain the situation. For now, I would
suggest going back to an older ssh client.
On 8/17/2015 7:43 AM, Jude DaShiell wrote:
I need to find out which are the strong ciphers and use one of them to
generate a key set. Even so, I'm on panix.com not shellworld.net and I
cannot update my authorized-keys file with keys using a different cipher
using ssh-copy-id. I'll have to use garden variety ftp to do the update
_______________________________________________
Blinux-list mailing list
Blinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/blinux-list
--
_______________________________________________
Blinux-list mailing list
Blinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/blinux-list