Got a shiny new OL9 and I need to connect to some legacy servers, as in CentOS 5.
The OL9 SSH client does not support the legacy ciphers that CentOS 5 supports:
[opc@vm1 ~]$ ssh legacyServer
Unable to negotiate with 10.0.0.138 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
After looking at this page: OpenSSH Legacy Options
Tried this way:
[opc@vm1 ~]$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 legacyServer
ssh_dispatch_run_fatal: Connection to 10.0.0.138 port 22: error in libcrypto
My hope is that I'm missing something else in /etc/crypto-policies/back-ends
to enable legacy ciphers.
Thanks!