You are here
Hi All - Just installed thge latest TK LAMP on 386 system...I am connecting with a package that requires diffie-hellman-group1-sha1 and whenever I follow the instructions for adding that option it fails.
$ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 192.168.1.200
After entering the above, the following is returned:
Unsupported KEX algorithm "+diffie-hellman-group1-sha1"
command-line 0: Bad SSH2 Kex Algorithms '+diffie-hellman-group1-sha1'.
Can anyone provide info on why that algorithm cannot be added?
Please note that I understand the security implications and that this on a private network between machines in a testing environment and, more importantly physically off-line with no connection to internet and that the client (using diffie-hellman) cannot be changed and is a needed tool. So the only alternative is for TK Linux to have diffie-hellman added as an algorithm. There is no exception.
You help is very much appreciated!!
Should be supported...
Not that I've ever done it, but TurnKey should support what you are trying to do; both as a server and as a client. To prove that please see detail below (from v14.1 TKLDev - but would be consistent across all v14.1 builds):
Hang on, actually it looks like using the '+' was only introduced in OpenSSH v7.0 but TurnKey only has v6.7:
So my guess is that the workaround noted here may be what you need?!
Tx - Will try
Tx - Will try this and see if I can get it to work without the '+'. I appreciate your suggestion and help Jeremy!
Best regards,
Michael
Add new comment