You are not logged in.
I have a device that appears to be running a very old/limited version of dropbear SSH server from 2008 which seems to only support sha1 kex. A while back OpenSSH disabled diffie-hellman-group1-sha1 kex support and I had to change to using dbclient, but a recent upgrade of the dropbear package seems to have disabled compatibility with that algo.
I've reverted to an older dropbear version for the moment, but are there any current clients that support sha1? Also checked zssh, which whill not support sha1 kex
Suggestions for other workaround are also welcome - I can't update the server device though.
Last edited by TheColonel (2018-10-11 14:31:38)
Offline
I had a similar issue but just added KexAlgorithms=+diffie-hellman-group1-sha1 to each of my affected hosts in my ~/.ssh/config.
Offline
Ah, oops, I had done that previously but it turns out there was actually a cipher disabled by default at some point which I think is what actually got me to switch to dropbear.
I was able to move back to OpenSSH by enabling the cipher "Ciphers +aes256-cbc' in the host's config.
Offline