Thanks Jan! And Alex for your work on this... On Fri, Aug 28, 2015 at 4:06 AM, Jan Vlach <[email protected]> wrote:
> Hi Mark, > > you can also use the testing SmartOS release from Alex Wilson with > OpenSSH. I'm running it semi-production (home NAS and playground in the > internet) and it works fine for me. > > > http://www.listbox.com/member/archive/184463/2015/08/search/b3BlbnNzaA/sort/time_rev/page/1/entry/13:18/20150813215226:18C34E12-4227-11E5-B225-F38AA6195E23/ > > or search > OpenSSH SmartOS testing builds > From > Alex Wilson <[email protected]> > Date > Thu, 13 Aug 2015 18:52:18 -0700 > > There's one known bug though: > OpenSSH 7.0 contained a logic error in PermitRootLogin= > prohibit-password/without-password that could, depending on compile-time > configuration, permit password authentication to root while preventing > other forms of authentication. > This bug is corrected in OpenSSH 7.1. For more information, please refer > to the release notes > http://www.openssh.com/security.html > > It works for me(tm) with: > > KbdInteractiveAuthentication no > ChallengeResponseAuthentication no > PasswordAuthentication no > PermitRootLogin without-password > AuthorizedKeysFile /usbkey/ssh/authorized_keys > > Jan > ______________________________________________________________ > > Od: Mark Creamer <[email protected]> > > Komu: "[email protected]" < > [email protected]> > > Datum: 28.08.2015 01:29 > > Předmět: Re: [smartos-discuss] Cannot SSH to NAS (no common kex alg) > > > >Thanks again. I have a "test" smartos box I can try this on first. Thanks > >for the suggestions! > > > >On Thu, Aug 27, 2015 at 7:20 PM, Chris Ferebee <[email protected]> wrote: > > > >> Mark, > >> > >> Ah, sorry. > >> > >> Anything you do on the Synology will be overwritten by the automatic > >> updates - which I would certainly want to enable these days - unless you > >> bend over backwards. > >> > >> It's probably easier to have an up-to-date OpenSSH in the GZ. > >> > >> How about > >> > >> <https://wiki.smartos.org/display/DOC/Installing+pkgin> > >> > >> Replacing ssh in the GZ could well have unintended side-effects, but you > >> could always make SunSSH the default. > >> > >> Best, > >> Chris > >> > >> > Am 28.08.2015 um 00:22 schrieb Mark Creamer <[email protected]>: > >> > > >> > Thanks Chris, I should have been more specific. I'm interested in > >> sending files from the global zone. For example, a series of snapshots > get > >> created of the various zones, then once a day one of them for each zone > >> gets gzipped using zfs send, and then that file gets scp'd to the NAS. > Do I > >> have any options for this compatibility issue from the GZ? > >> > > >> > Thanks again, > >> > Mark > >> > > >> > On Thu, Aug 27, 2015 at 6:17 PM, Chris Ferebee <[email protected]> > wrote: > >> > Mark, > >> > > >> > in a zone you probably just want to pkgin install openssh, which will > >> give you a recent version of OpenSSH that’s compatible with current > >> Synology releases. > >> > > >> > Best, > >> > Chris > >> > > >> > > >> > > Am 27.08.2015 um 23:57 schrieb Mark Creamer <[email protected]>: > >> > > > >> > > Hi, I've seen a few posts on this issue but haven't found anything > on > >> what to do to fix it. I would like to ssh some gzipped files from my > >> SmartOS server to my Synology NAS device, and probably at some point use > >> rsync for the same task, over ssh. > >> > > > >> > > When I ssh from the SmartOS server (running 20150820T062742Z) to the > >> NAS, I get the following message: > >> > > > >> > > no common kex alg: client > >> 'diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1', server > ' > >> [email protected] > >> > ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1' > >> > > > >> > > I've seen an old post that says it's because of Sun-SSH or something > >> like that, but I also thought it was planned to be resolved in a later > >> version of SmartOS - but I have the latest. Thanks for any advice on > this. > >> > > > >> > > -- > >> > > Mark > >> > >> > > > > > > -- > > Mark > > > > -- Mark ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
