| View previous topic :: View next topic |
| Author |
Message |
Amon2501
Tux's lil' helper
Joined: 12 Dec 2018
Posts: 140
|
 Posted: Mon Jul 01, 2024 9:42 am Post subject: How to DOWNgrade ssh security requirements (Key Length) |
 |
|
Hello. I have the Cisco ISR 3945 router (and a few switches too) which dont support the modern ssh key length requirements (ie >1024 bytes afaik) and seems like never will do, its already end of support. Replacing that router will cost a lot of money and time so its gonna be "maybe someday". But now i need to connect to that router sometimes using ssh. And NO telnet isnt an option, because bad encryption is still better than no encryption at all. If using my another PC with Fedora i could just type | Code: | | update-crypto-policies --set LEGACY |
once and everything working fine as before. But i cant connect to that old ssh based devices using my Gentoo pc. The only way is to ssh to that Fedora pc and then to chain ssh to that router from it. How can i downgrade that crypto requirement on my Gentoo pc too? |
|
| Back to top |
|
 |
sdauth
l33t
Joined: 19 Sep 2018
Posts: 644
Location: Ásgarðr
|
| Posted: Mon Jul 01, 2024 1:56 pm Post subject: |
|
|
Does this work ? (I added something similar to my ~/.ssh/config years ago to access the (outdated) dropbear daemon of an iPhone 3G)
~/.ssh/config
| Code: | Host cisco
HostName cisco_ip
User root
HostKeyAlgorithms +ssh-rsa,+ssh-dss |
|
|
| Back to top |
|
|
Hu
Administrator
Joined: 06 Mar 2007
Posts: 22613
|
| Posted: Mon Jul 01, 2024 2:39 pm Post subject: |
|
|
| If you need more help, please provide us something with which to work. How exactly did you determine that ssh security requirements are your problem? Which specific security requirement is it? |
|
| Back to top |
|
|
|
Networking & Security
