[rancid] Mikrotik login with strong ssh

heasley heas at shrubbery.net
Mon Oct 30 07:48:46 UTC 2017


Mon, Oct 30, 2017 at 06:49:49AM +0000, Alexander Griesser:
> Hi Jason,
> 
> please note that you can also add the cyphertype directly in .cloginrc for any given device, so you do not have to hack the binaries:
> 
> add cyphertype  192.168.0.1   aes192-ctr,aes192-cbc

that should be quoted

 add cyphertype  192.168.0.1   {aes192-ctr,aes192-cbc}

and, if you udate rancid, it was changed to not force a particular version,
so it will use whatever ssh's default list is or whatever the ~/.ssh/config
has set.

> Best,
> 
> Alexander Griesser
> Head of Systems Operations
> 
> ANEXIA Internetdienstleistungs GmbH
> 
> E-Mail: AGriesser at anexia-it.com<mailto:AGriesser at anexia-it.com>
> Web: http://www.anexia-it.com<http://www.anexia-it.com/>
> 
> Anschrift Hauptsitz Klagenfurt: Feldkirchnerstraße 140, 9020 Klagenfurt
> Geschäftsführer: Alexander Windbichler
> Firmenbuch: FN 289918a | Gerichtsstand: Klagenfurt | UID-Nummer: AT U63216601
> 
> Von: Rancid-discuss [mailto:rancid-discuss-bounces at shrubbery.net] Im Auftrag von Jason Ede
> Gesendet: Sonntag, 29. Oktober 2017 10:07
> An: rancid-discuss at shrubbery.net
> Betreff: [rancid] Mikrotik login with strong ssh
> 
> On my rancid (3.1) I want to use strong encryption on the mikrotiks, but will allow rancid to connect the to the weaker ones then I need to modify cyphertype in mtlogin on line 521 to the below.
> 
> "aes192-ctr,aes192-cbc"
> 
> >From my experience so far it seems to work on all versions of RouterOS v 6. Just putting this here in case others looking for it.
> 
> Jason

> _______________________________________________
> Rancid-discuss mailing list
> Rancid-discuss at shrubbery.net
> http://www.shrubbery.net/mailman/listinfo/rancid-discuss



More information about the Rancid-discuss mailing list