Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
How to DOWNgrade ssh security requirements (Key Length)
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Amon2501
Tux's lil' helper
Tux's lil' helper


Joined: 12 Dec 2018
Posts: 140

PostPosted: Mon Jul 01, 2024 9:42 am    Post subject: How to DOWNgrade ssh security requirements (Key Length) Reply with quote

Hello. I have the Cisco ISR 3945 router (and a few switches too) which dont support the modern ssh key length requirements (ie >1024 bytes afaik) and seems like never will do, its already end of support. Replacing that router will cost a lot of money and time so its gonna be "maybe someday". But now i need to connect to that router sometimes using ssh. And NO telnet isnt an option, because bad encryption is still better than no encryption at all. If using my another PC with Fedora i could just type
Code:
update-crypto-policies --set LEGACY
once and everything working fine as before. But i cant connect to that old ssh based devices using my Gentoo pc. The only way is to ssh to that Fedora pc and then to chain ssh to that router from it. How can i downgrade that crypto requirement on my Gentoo pc too?
Back to top
View user's profile Send private message
sdauth
l33t
l33t


Joined: 19 Sep 2018
Posts: 651
Location: Ásgarðr

PostPosted: Mon Jul 01, 2024 1:56 pm    Post subject: Reply with quote

Does this work ? (I added something similar to my ~/.ssh/config years ago to access the (outdated) dropbear daemon of an iPhone 3G)

~/.ssh/config

Code:
Host cisco
    HostName cisco_ip
    User root
    HostKeyAlgorithms +ssh-rsa,+ssh-dss
Back to top
View user's profile Send private message
Hu
Administrator
Administrator


Joined: 06 Mar 2007
Posts: 22660

PostPosted: Mon Jul 01, 2024 2:39 pm    Post subject: Reply with quote

If you need more help, please provide us something with which to work. How exactly did you determine that ssh security requirements are your problem? Which specific security requirement is it?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum