Web lists-archives.com

Re: buster ssh problem




On Wed, Nov 01, 2017 at 07:40:40PM +0000, Glenn English wrote:
> I didn't create the ~/.ssh/config file because I wanted ssh to work
> for me, no matter who I logged in as or su'ed to. I realize (or think,
> anyway) that's going to open my admin box to the darkSide. I need to
> think about that.

The directives that work in ~/.ssh/config also work in /etc/ssh/ssh_config
and this includes the Host matching stuff.

As it says in the man page,

SYNOPSIS
     ~/.ssh/config
     /etc/ssh/ssh_config

Since you only want to use the inferior ciphers when connecting to one
specific host, you can put a Host stanza in /etc/ssh/ssh_config
to change the Ciphers for just that host.