/
OpenSSH and login to Tru64 or OpenVMS systems

OpenSSH and login to Tru64 or OpenVMS systems

Dec 13, 2018

Problem

Starting with OpenSSH version 7.0, ciphers, hashes and key-exchange algorithms are disabled by default. This means that for newer versions of OpenSSH making a connection to Tru64 or OpenVMS systems can be a problem.

Solution

Verify your OpenSSH version using the "ssh -V" command.

Example:

# ssh -V

OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017

.

In order to connect to a Tru64 or OpenVMS system using OpenSSH V7.0 and above, please add the following lines to your ~/.ssh/config file (on the Linux server):

Host <tru64-system-nickname

  Hostname <tru64-system-real-name>

  KexAlgorithms +diffie-hellman-group1-sha1

  HostKeyAlgorithms +ssh-dss

  Ciphers +3des-cbc

On Windows, the config file has to be located in the user's folder under .ssh, usually: C:\Users\<user>\.ssh

Example:

# cat /root/.ssh/config

Host pluto5

  Hostname pluto5

  KexAlgorithms +diffie-hellman-group1-sha1

  HostKeyAlgorithms +ssh-dss

  Ciphers +3des-cbc

Or use the following command line to connect to the Tru64 system:

# ssh -o 'KexAlgorithms=+diffie-hellman-group1-sha1' -o 'HostKeyAlgorithms=+ssh-dss' -o 'Ciphers=+3des-cbc' <user>@<tru64-system-real-name>

The plus-sign ("+") tells ssh to enable the feature.

Links

More information at https://www.openssh.com/legacy.html

Related article


© Stromasys, 1999-2025  - All the information is provided on the best effort basis, and might be changed anytime without notice. Information provided does not mean Stromasys commitment to any features described. 
Need fast, reliable migration? We have done it countless times. Talk to an expert