Re: Suggested way to ssh into obsolete devices (with old ssh crypto)?
On Tue, Jul 06, 2021 at 12:05:41PM -0400, Stefan Monnier wrote:
> > Like you, I have been using CLI options to the ssh command to adjust the
> > necessary algorithms if I need something "insecure".
>
> You should be able to set that option for a specific (set of) hosts in
> .ssh/config so you don't have to repeat it on the CLI every time.
>
> > My thought is that once that no longer serves the purpose, I would
> > setup a VM, container,
>
> I think the first reaction should be to report it as a bug, so that the
> old cipher is re-added. I think the same argument in favor of including
> the "none" cipher should apply to including old deprecated ciphers.
>
>
> Stefan
>
The old ciphers are generally removed for a reason: because they are hugely
insecure.
I wouldn't ask for the old ciphers to be re-added to a new version of ssh.
Just my €0.02
Andy Cater
Reply to: