it should support some older algos now. yeah, it's OpenSSH 10.2 with
default settings, and it being an OpenBSD project, it comes up very very
secure. Also Debian 12 is now oldstable, you may want to upgrade.
On 1/2/2026 15:04, Baptiste Jonglez via cfarm-users wrote:
Hi Dagobert,
On 01-01-26, Dagobert Michelsen via cfarm-users wrote:
Hi,
cfarm210 is now equipped with FractalKit packages in /usr/local and also has an
updated OpenSSH.
Could someone please add this information to
https://portal.cfarm.net/machines/list/ ?
Thanks, I just updated the description. Is /usr/local in the default PATH?
However, the new OpenSSH server seems very picky about key exchange
algorithms. Even a stock Debian 12 SSH client (on the management host)
cannot connect:
no matching key exchange method found. Their offer:
mlkem768x25519-sha256,sntrup761x25519-sha512,[email protected],curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,ext-info-s,[email protected]
We typically use the default software/settings provided by the OS.
When we divert from the defaults, we prefer to maintain wide compatibility
rather than configure with the highest levels of security.
Could you configure the SSH server to be more permissive?
Thanks,
Baptiste
_______________________________________________
cfarm-users mailing list
[email protected]
https://lists.tetaneutral.net/listinfo/cfarm-users
_______________________________________________
cfarm-users mailing list
[email protected]
https://lists.tetaneutral.net/listinfo/cfarm-users
