Re: Legacy option for key length?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 2017-12-29, Dan Mahoney (Gushi) <danm@xxxxxxxxxxxxxxx> wrote:
> I occasionally manage some APC PDU devices.  I manage them via a VPN, 
> which enforces super-heavy crypto, and their access is restricted to only 
> jumphosts and the VPN.  Basically, the only time you need to log into 
> these is when you go to reboot something that's down.
> 
> Their web UI with SSL doesn't work with modern browsers.
> Their CPU is...tiny, and their SSHd implementation is...old (and, I 
> believe, proprietary).
>
> I think it defaults to RSA768, and even then, takes a good 15 seconds to 
> let you log in.

I have some of these too. I used an old browser to connect to the web interface,
turned off SSH and switched to using telnet from the jumphost instead. Given how
crappy SSH is on these even when short keys were allowed, this was overall a big
improvement.

> I googled around for the release note and the source code commit that had 
> produced this, and then tried looking for workarounds here: 
> https://www.openssh.com/legacy.html

The only workarounds are to recompile or use different software to connect.


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux