Difference between revisions of "Enable Legacy Cipher in Linux for SecureCRT"
(Created page with "upporting legacy ciphers for backwards compatibility is necessary to connect "ssh" with SecureCRT. The ssh server "sshd" ciphers can be configured via the file: vi /etc/ssh/...") |
|||
Line 1: | Line 1: | ||
− | + | SecureCRT version 3.1.2 has a limited selection of available ciphers. It is an old version of the client. In the past when the selections | |
+ | *Cipher: 3DES | ||
+ | *MAC: MD5 | ||
+ | where used, the client connected to the linux system sshd server (OpenSSH). SecureCRT is actually using the cipher "3des-cbc" specifically. | ||
+ | |||
+ | Supporting legacy ciphers for backwards compatibility is necessary to connect "ssh" with SecureCRT. The ssh server "sshd" ciphers can be configured via the file: | ||
vi /etc/ssh/sshd_config | vi /etc/ssh/sshd_config | ||
See what ciphers are available on your system: | See what ciphers are available on your system: | ||
Line 5: | Line 10: | ||
Even though 3des-cbc is enabled in the configuration, the client using 3des-cbc is rejected, as evidence in the log | Even though 3des-cbc is enabled in the configuration, the client using 3des-cbc is rejected, as evidence in the log | ||
cat /var/log/auth.log | cat /var/log/auth.log | ||
+ | |||
It turns out that number of version 2 ciphers have been disabled in the 6.7p1-1 release of openssh. Lets see what version of OpenSSH we have. | It turns out that number of version 2 ciphers have been disabled in the 6.7p1-1 release of openssh. Lets see what version of OpenSSH we have. | ||
dpkg-query -l|grep -i openssh | dpkg-query -l|grep -i openssh | ||
Debian Linux Jessie reports openssh-server 1:6.7p1-5+deb8u3 which has the following ciphers disabled: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se | Debian Linux Jessie reports openssh-server 1:6.7p1-5+deb8u3 which has the following ciphers disabled: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se |
Revision as of 23:11, 26 February 2017
SecureCRT version 3.1.2 has a limited selection of available ciphers. It is an old version of the client. In the past when the selections
- Cipher: 3DES
- MAC: MD5
where used, the client connected to the linux system sshd server (OpenSSH). SecureCRT is actually using the cipher "3des-cbc" specifically.
Supporting legacy ciphers for backwards compatibility is necessary to connect "ssh" with SecureCRT. The ssh server "sshd" ciphers can be configured via the file:
vi /etc/ssh/sshd_config
See what ciphers are available on your system:
ssh -Q cipher localhost
Even though 3des-cbc is enabled in the configuration, the client using 3des-cbc is rejected, as evidence in the log
cat /var/log/auth.log
It turns out that number of version 2 ciphers have been disabled in the 6.7p1-1 release of openssh. Lets see what version of OpenSSH we have.
dpkg-query -l|grep -i openssh
Debian Linux Jessie reports openssh-server 1:6.7p1-5+deb8u3 which has the following ciphers disabled: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se