On Sat, Jan 7, 2023 at 1:51 AM Konstantin Olchanski <olcha...@triumf.ca> wrote:
>
> > >
> > > I cannot ssh to SL6 machines from current MacOS or Debian 20 or 22:
> >
> > SL 6 is obsolete, maybe time to upgrade?
> >
>
>
> Looking on my list of SL6 machines:
>
> experiment stations: dragon, musr, bnmr/bnqr, pol, titan. these are
> medium/small sized experiments,
> all software updates must be coordinated with experiment people. each
> experiment station
> has 2 or 3 SL6 computers (analysis station and VME frontend processor).
> install ubuntu 22.04,
> rebuild all experiment software, make experiment work again. takes about 1
> month of calendar
> time per experiment station.
>
> two twist computers: upgrade by turning them off, they only exist to run
> Absoft and Intel F90 compilers.
>
> T2K/ND280 in Japan (JParc): update from SL5 recently completed.
>
> DEAP dark matter search at SNOlab: running SL6 and will not be upgraded.
>
> one former central server runs SL6 to run ruby-on-rails-based inventory
> database (does not work
> on ubuntu). likely "upgrade" is move from physical machine to a VM. ("Just
> rewrite your inventory
> database using the latest framework-du-jour!", "yessir! getting on it right
> away, sir!").
>
> For some experiments, upgrade from CentOS-7 to Ubuntu 22 and upgrade from
> Ubuntu 20 to Ubuntu 22
> has higher priority than upgrades from SL6.
>
> So SL6 machines exist, they perform useful function, it takes a significant
> effort to upgrade
> them (with no functional gain). In the mean time, nobody apprecates
> unnecessary rocking
> the boat (breaking SSH, HTTPS, etc).
It's understandable not to want upstream operating systems to break
functional features. In this case, RHEL has not updated the OpenSSH
servers on old operating systems, and OpenSSH has been using more
sophisticated protocols by default in newer configurations.l The
result is what you see. They're not alone: Microsoft has some issues
with their Bastion and git servers using obsolete OpenSSH, and
applying some similar workarounds to get around the limitations.
If you *really need* updated OpenSSH for these..... You might start
with the repos listed at
https://urldefense.proofpoint.com/v2/url?u=https-3A__rpm.pbone.net_&d=DwIBaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=UcakLkTCeAIV4S9SoffwQjqkjMlCPfhtr4xMy_NHAsSBWoBzCAgIWsS9ky6YC_Fh&s=bVD5myLc3jR7UtphL9OQoDEPEAcO8wZe7h5aOFUZb8I&e=
, namely these:
https://urldefense.proofpoint.com/v2/url?u=http-3A__rpm.pbone.net_results-5Flimit-5F1-5Fsrodzaj-5F1-5Fdl-5F40-5Fdist-5B-5D-5F74-5Fdist-5B-5D-5F79-5Ffield-5B-5D-5F1-5Ffield-5B-5D-5F2-5Fsearch-5Fopenssh-2Dserver.html&d=DwIBaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=UcakLkTCeAIV4S9SoffwQjqkjMlCPfhtr4xMy_NHAsSBWoBzCAgIWsS9ky6YC_Fh&s=MRVQZiTGmDAIs0XkcJVjQDHlek4ZTnd6llX17e-JiGo&e=
