Hi Mark, you can also use the testing SmartOS release from Alex Wilson with OpenSSH. I'm running it semi-production (home NAS and playground in the internet) and it works fine for me.
http://www.listbox.com/member/archive/184463/2015/08/search/b3BlbnNzaA/sort/time_rev/page/1/entry/13:18/20150813215226:18C34E12-4227-11E5-B225-F38AA6195E23/ or search OpenSSH SmartOS testing builds From Alex Wilson <[email protected]> Date Thu, 13 Aug 2015 18:52:18 -0700 There's one known bug though: OpenSSH 7.0 contained a logic error in PermitRootLogin= prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This bug is corrected in OpenSSH 7.1. For more information, please refer to the release notes http://www.openssh.com/security.html It works for me(tm) with: KbdInteractiveAuthentication no ChallengeResponseAuthentication no PasswordAuthentication no PermitRootLogin without-password AuthorizedKeysFile /usbkey/ssh/authorized_keys Jan ______________________________________________________________ > Od: Mark Creamer <[email protected]> > Komu: "[email protected]" <[email protected]> > Datum: 28.08.2015 01:29 > Předmět: Re: [smartos-discuss] Cannot SSH to NAS (no common kex alg) > >Thanks again. I have a "test" smartos box I can try this on first. Thanks >for the suggestions! > >On Thu, Aug 27, 2015 at 7:20 PM, Chris Ferebee <[email protected]> wrote: > >> Mark, >> >> Ah, sorry. >> >> Anything you do on the Synology will be overwritten by the automatic >> updates - which I would certainly want to enable these days - unless you >> bend over backwards. >> >> It's probably easier to have an up-to-date OpenSSH in the GZ. >> >> How about >> >> <https://wiki.smartos.org/display/DOC/Installing+pkgin> >> >> Replacing ssh in the GZ could well have unintended side-effects, but you >> could always make SunSSH the default. >> >> Best, >> Chris >> >> > Am 28.08.2015 um 00:22 schrieb Mark Creamer <[email protected]>: >> > >> > Thanks Chris, I should have been more specific. I'm interested in >> sending files from the global zone. For example, a series of snapshots get >> created of the various zones, then once a day one of them for each zone >> gets gzipped using zfs send, and then that file gets scp'd to the NAS. Do I >> have any options for this compatibility issue from the GZ? >> > >> > Thanks again, >> > Mark >> > >> > On Thu, Aug 27, 2015 at 6:17 PM, Chris Ferebee <[email protected]> wrote: >> > Mark, >> > >> > in a zone you probably just want to pkgin install openssh, which will >> give you a recent version of OpenSSH that’s compatible with current >> Synology releases. >> > >> > Best, >> > Chris >> > >> > >> > > Am 27.08.2015 um 23:57 schrieb Mark Creamer <[email protected]>: >> > > >> > > Hi, I've seen a few posts on this issue but haven't found anything on >> what to do to fix it. I would like to ssh some gzipped files from my >> SmartOS server to my Synology NAS device, and probably at some point use >> rsync for the same task, over ssh. >> > > >> > > When I ssh from the SmartOS server (running 20150820T062742Z) to the >> NAS, I get the following message: >> > > >> > > no common kex alg: client >> 'diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1', server ' >> [email protected] >> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1' >> > > >> > > I've seen an old post that says it's because of Sun-SSH or something >> like that, but I also thought it was planned to be resolved in a later >> version of SmartOS - but I have the latest. Thanks for any advice on this. >> > > >> > > -- >> > > Mark >> >> > > > -- > Mark > ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
