Have you tried specifying all the cyphertypes your system support? I manually
ran the command ssh -vvv <device> and read the (incredibly plentiful) output to
find what my system was offering; then, I just specified all of them in
.cloginrc. The target system will only accept those cypher it supports, so
there's no harm to the SSH protocol to offer as many as you want.
If you're interested in being security conscious, that's a much more involved
discussion. I've not researched that - while I'm aware of the discussion around
the topic, I'm nonetheless much more concerned (in my current job, anyway) with
inter-operability than encryption strength.
weylin
On 3/7/18, 5:01 PM, "sebastien.boulia...@cpu.ca" <sebastien.boulia...@cpu.ca>
wrote:
Hi guys,
I am curious to know which cypertype do you use to connect to Cisco and
Fortinet devices ?
I use aes256-ctr aes256-cbc but I would like to know which others cypertype
work.
Thanks for your answer.
Sebastien
_______________________________________________
Rancid-discuss mailing list
Rancid-discuss@shrubbery.net
http://www.shrubbery.net/mailman/listinfo/rancid-discuss
