On 31/08/2019 00:39, Lew Wolfgang wrote:
On 08/30/2019 08:41 PM, Anton Aylward wrote:
On 30/08/2019 23:21, Lew Wolfgang wrote:
On 08/30/2019 07:44 PM, Anton Aylward wrote:
On 30/08/2019 12:25, Lew Wolfgang wrote:
Are you sure that Dreamhost doesn't support ssh logins? What "certificate stuff" are you referring to? Yes it does, that was the point I was making.
I simply type "ssh antonaylward.com" and I'm logged in.
I had generated the certificate locally as per the SSH manual, then I 'push' it using 'ssh-copy-id'. Once that's in place all the SSH operations are "automatic login".
As for the use of 'no encryption', see earlier posts. Yup, once you use ssh you're stuck with full encryption by design, unless you find binary patches or recompile. Please see my earlier posts.
Yes, using ssh -c none antonaylward.com
gives me a shh connection without encryption.
When I do that I get a fully encrypted connection along with this message for one of my servers:
"No valid ciphers for protocol version 2 given, using defaults."
Another client/server (both Leap 15.1) says:
"Unknown cypher type "none""
When I do this I get:
ssh -c none antonaylward.com No valid ciphers for protocol version 2 given, using defaults. The authenticity of host 'antonaylward.com (66.33.210.248)' can't be established. ECDSA key fingerprint is d1:ff:32:eb:19:56:52:d2:73:b1xxx [MD5]. Are you sure you want to continue connecting (yes/no)?
Do you get the "No valid ciphers" message? If not, did you look at the actual ssh traffic with tcpdump or wireshark to see if it's really unencrypted?
Oops, I forgot to mention that I have stuff in my .bash_profile that sets up the environment ... eval $(keychain --nogui --gpg2 --eval --agents "ssh,gpg" id_rsa XXXXX ) and more, and since I'd already done the matching 'ssh-copy-id' .. NO I DO NOT get the "No valid ciphers" message. Only one machine operative at the moment so doing a wireshark will take a bit of setup. I need more coffee before attempting that. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org