Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
September 27, 2003, 9:53 am
rate this thread
commandline each time. I am able to get successfull operation using
blowfish encryption by adding the line
when I ssh -v to another server I get confirmation that blowfish-cbc
is being used in both directions.
However, the man page for ssh says that you can supply a comma
delimited listing of preferred ciphers in order of preference, which I
try to do by modifying the above line in ssh_config to the following
and then when I try to ssh, I get this.
debug1: Reading configuration data /etc/ssh/ssh_config
/etc/ssh/ssh_config line 34: Bad cipher '"blowfish-cbc,3des-cbc"'.
The same thing happens when I remove the -cbc from both cipher names.
I've tried formatting this a whole bunch of different ways. Adding a
space between the comma and the 2nd cipher, no comma with a space,
wrapping the whole thing in double quotes. Nothing works.
Is this functionality just broken? I can't get it to work on my
FreeBSD machien running 3.5p1, nor on a redhat machine running 3.7.1p1
The same error occurs when I try forcing the server to only accept a
certain set of ciphes in order of blowfish,3des. The daemon wont
start saying there is an error in /etc/ssh/sshd_config.
Re: cipher specifications in ssh_config and sshd_config
ssh has two cipher directives, "Cipher" which sets the cipher for SSHv1
(values such as "blowfish" or "3des") and "Ciphers" which specifies a
comma-separated list of candidate ciphers (eg "aes128-cbc,3des-cbc") for
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- » Problems Establishing ssh Connection With 802.11a Wireless Canopy System
- — Next thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum