I can no longer ssh to sourceforge from a centos6 host: fails with
"Unable to negotiate a key exchange method" error.. sf.net advised
me to upgrade to openssh 5.7 or later (centos6 has 5.3.)
Upon browsing https://archives.fedoraproject.org/pub/archive/, and
also https://src.fedoraproject.org/rpms/openssh, the closest srpm I
can see is:
https://archives.fedoraproject.org/pub/ ... 16.src.rpm
Can anyone please tell me whether there are any details / pitfalls
that I should be watchful for while upgrading?
Thanks in advance.
P.S.: Yes, I know that CentOS 6 has been EOL since the end of 2020.
upgrading to a newer openssh version in centos6
Re: upgrading to a newer openssh version in centos6
What that's telling you is that it's about time you got off CentOS 6. It's been dead for 2 years now and there are already root exploits available to break into it. Put your effort into getting off it, not into bodging it.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: upgrading to a newer openssh version in centos6
Not what I asked. (Thanks anyway though, I guess..)
Re: upgrading to a newer openssh version in centos6
FYI: I actually managed to make things work without installing a new openssh
(rhel6 openssh-5.3 is heavily patched to include ecdh, etc).
The only thing I had to do was create a ~/.ssh/config and put the following
line in there:
The first three are the ones negotiated by sf and are actually available but
just not default. So, it just works.
(rhel6 openssh-5.3 is heavily patched to include ecdh, etc).
The only thing I had to do was create a ~/.ssh/config and put the following
line in there:
Code: Select all
KexAlgorithms=ecdh-sha2-nistp521,ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
just not default. So, it just works.
Re: upgrading to a newer openssh version in centos6
Doesn't change the fact that CentOS 6 has been EOL for nearly 3 years (Nov 2020) and there have been numerous high severity security vulnerabilities discovered since then and none of them are fixed in CentOS 6. You really need to get off it ASAP..
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke