Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision |
faq:tcpip [2017/06/06 22:16] – Added SSH Key Exchange algorithm FAQ digital man | faq:tcpip [2018/03/04 22:53] – [Ports] Add port 587 deuce |
---|
|RLogin |513 |- |Optional for quick-login from RLogin clients (e.g. SyncTERM)| | |RLogin |513 |- |Optional for quick-login from RLogin clients (e.g. SyncTERM)| |
|SMTP |25 |- |Necessary for receiving Internet e-mail and inter-BBS instant messages| | |SMTP |25 |- |Necessary for receiving Internet e-mail and inter-BBS instant messages| |
| |Submission |587 |- |Necessary for users to send Internet e-mail through the BBS from a standard e-mail client| |
|POP3 |110 |- |Allows BBS users to check their e-mail using standard Internet mail clients (e.g. Outlook Express)| | |POP3 |110 |- |Allows BBS users to check their e-mail using standard Internet mail clients (e.g. Outlook Express)| |
|FTP |21 |- |Allows access to the BBS file/download areas using a standard FTP client or web browser| | |FTP |21 |- |Allows access to the BBS file/download areas using a standard FTP client or web browser| |
| |
:!: **Answer:**\\ | :!: **Answer:**\\ |
Synchronet uses [[http://www.cs.auckland.ac.nz/~pgut001/cryptlib/|Cryptlib]], a cryptographic library, for SSH and TSL/SSL support in Synchronet. Cryptlib's SSH support uses an older "Key Exchange Algorithm". OpenSSH has deprecated support for this older key exchange algorithm. | |
| //**NOTE: This has been fixed in CVS now.**// |
| |
| Synchronet uses [[http://www.cs.auckland.ac.nz/~pgut001/cryptlib/|Cryptlib]], a cryptographic library, for SSH and TSL/SSL support in Synchronet. Cryptlib's v3.4.2 SSH support uses an older "Key Exchange Algorithm". OpenSSH has deprecated support for this older key exchange algorithm. Cryptlib v3.4.4, the currently latest version of Cryptlib now used by Synchronet, does not have this problem. |
| |
From the OpenSSH [[http://www.openssh.com/legacy.html|legacy page]]: | From the OpenSSH [[http://www.openssh.com/legacy.html|legacy page]]: |
Host yourbbs.com | Host yourbbs.com |
KexAlgorithms diffie-hellman-group1-sha1 | KexAlgorithms diffie-hellman-group1-sha1 |
| |
| **Note:** |
| If you created this file to work-around the cryptlib v3.4.2 compatibility issue, you will need to remove this file or modify it after updating to cryptlib v3.4.4 (currently, the latest). |
| |
or in the ''~/.ssh/config'' file (OpenSSH v7): | or in the ''~/.ssh/config'' file (OpenSSH v7): |
| |
Note: Run ''ssh -V'' to see what version of OpenSSH you have. | Note: Run ''ssh -V'' to see what version of OpenSSH you have. |
| |
| :!: **Answer:**\\ |
| Another observed problem is with the negotiated Message Authentication Code (MAC) algorithm. |
| |
| Workaround for OpenSSH (reported by nelgin): |
| |
| $ ssh -m hmac-md5 user@yourbbs.com |
| |
| |
===== See Also ===== | ===== See Also ===== |