Subject: | |
From: | |
Reply To: | |
Date: | Thu, 12 Jan 2023 18:23:40 -0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
On Thu, Jan 05, 2023 at 08:18:14PM -0800, Konstantin Olchanski wrote:
> I cannot ssh to SL6 machines from current MacOS or Debian 20 or 22:
> root@daq00:~# ssh ladd00
> Unable to negotiate with 142.90.111.60 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
> bash-3.2$ ssh -oHostKeyAlgorithms=+ssh-rsa -oPubKeyAcceptedAlgorithms=+ssh-rsa ladd00
A solution is to build and install openssh from BSD sources:
xttps://daq00.triumf.ca/DaqWiki/index.php/SLinstall#Update_SL6_ssh
Build openssh:
ssh sl6-machine
cd git
git clone git://anongit.mindrot.org/openssh.git
cd openssh
autoreconf
xemacs -nw ./configure ### fix syntax error: line 28124 empty "if/then/else" block bombs out, fill it with "AAA=aaa"
./configure --prefix=/opt/openssh
make -j
Install openssh:
ssh root@sl6-machine
cd .../git/openssh
make install ### copies stuff to /opt/openssh
/opt/openssh/sbin/sshd -p 2222 -d ### test sshd
/opt/openssh/bin/ssh -v sl6-machine ### test ssh
If you want to live dangerously, you are welcome to use my binary kit:
ssh root@sl6-machine
cd /opt
git clone xttps://daq00.triumf.ca/~olchansk/git/openssh.git
/bin/cp -pv /etc/ssh/*key* /opt/openssh/etc/ ### copy old ssh host keys
/opt/openssh/bin/ssh-keygen -A ### generate any missing ssh host keys
# test sshd /opt/openssh/sbin/sshd -p 2222 -d
/bin/mv /usr/sbin/sshd /usr/sbin/sshd-SL6
/bin/ln -s /opt/openssh/sbin/sshd /usr/sbin/
/bin/mv /usr/bin/ssh /usr/bin/ssh-SL6
/bin/ln -s /opt/openssh/bin/ssh /usr/bin/
service sshd restart
If you do this, do inspect the git commit history of ssh_config and sshd_config
in cas eyou disagree with my customizations.
--
Konstantin Olchanski
Data Acquisition Systems: The Bytes Must Flow!
Email: olchansk-at-triumf-dot-ca
Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
|
|
|