[illumos-Developer] ssh cipher on IlluminOS

Albert Lee trisk at opensolaris.org
Sun Aug 29 12:37:58 PDT 2010


On Sun, Aug 29, 2010 at 4:35 AM, Gabriele Bulfon <gbulfon at sonicle.com> wrote:
>
> Hi,
> I happened on an unexpected behaviour while trying to connect via ssh to my illuminos machine.
> I was trying to use my Nokia N82 to connect via Putty, just to issue an "init 5" (too lazy to go
> down the studio at 1:00am to switch off the machine!).
> I use it often to connect to Sun Solaris machines and run quick commands.
> This is the answer I received from the IllumOS machine:
>
> "Couldn't agree a client-to-server cipher (available: aes128-ctr,aes192-ctr,a... can't read on...)"
>
> Somthing wrong with crypt?
> Putty works fine on IllumOS when used from Windows.
> Gabriele.

CBC cipher modes were removed from the default list of ciphers in the
SunSSH server because of security concerns:
http://hub.opensolaris.org/bin/view/Community+Group+on/2009012201
Some older clients may not support the CTR or arcfour ciphers which
are enabled by default. You may override the cipher list with the
'Ciphers' directive in sshd_config(4), but you should upgrade your
client if possible.

-Albert



More information about the Developer mailing list