Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.6: Change remote ssh connections default System 10.6
Snow Leopard only hintIn 10.5 and previous versions of the system, Terminal's remote connection dialog (go to the menu item Shell » New Remote Connection...) had a selection for Secure Shell (ssh) that defaulted to 'SSH (Automatic).' In 10.6, this has been changed to default to 'SSH Protocol 1.' None of my servers support SSH-1 (and if yours do, you should fix the security hole and disable it). [crarko adds: Here's a nice little FAQ that describes the SSH-1 and SSH-2 protocols. SSH-2 is newer and more secure.]

Also, Terminal does not remember the state when you change this pull down. Quitting Terminal or changing to another protocol and back will reset the pull down back to SSH-1. Here's a simple way to force it to keep the change.

Since there doesn't seem to be a way to save the state of the pull down, just ignore the built-in Secure Shell service entry entirely and make a new one.

Click on the + under the Service list (within the New Remote Connection... dialog box), and create a new service.

Type ssh into all three fields. If you want specific special ssh options for every ssh session (like -2 for SSH-2 only, or -4 to only use IPv4 addresses), you can add them to the command line here. See man ssh for the available options. You can pass the username for the remote machine when you go to connect to it from the dialog.

Now this new service will default to whatever you want to set it to. It won't have additional options in the pulldown protocol menu at all.

[crarko adds: I tested this, and it works as described.]
    •    
  • Currently 2.37 / 5
  You rated: 4 / 5 (27 votes cast)
 
[9,054 views]  

10.6: Change remote ssh connections default | 9 comments | Create New Account
Click here to return to the '10.6: Change remote ssh connections default' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.6: Change remote ssh connections default
Authored by: mchugh24 on Jul 28, '10 12:16:05PM

Does that mean that the ssh 1 protocol is used by default if you use the ssh command in the shell? That seems insane. I remember reading to use ssh 2 like 8 years ago. Don't most Linux and Unix distros default to 2 these days? (its been awhile since I've played around with this)



[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: solitario on Jul 28, '10 03:07:08PM

No, the default for SSH is determined by the configuration files ~/.ssh/config & /etc/ssh_config, with the per-user file having priority over the global file. You can override any option on the command line.

If the Protocol option isn't configured in any of these files nor specified on the command line (-1 or -2 switch) ssh will default to protocol version 2. This is also how Mac OS X is configured by default.

[ Reply to This | # ]

10.6: Change remote ssh connections default
Authored by: solitario on Jul 28, '10 01:58:22PM

I didn't know about this feature, so I obviously never used it before. When I checked it out on my machine, which is fully updated it defaulted to SSH (Automatic), so I think you describe a machine specific issue.

It would be interesting to see if defaults read com.apple.Terminal turns up something related to SSH on your system.

[ Reply to This | # ]

10.6: Change remote ssh connections default
Authored by: cuban321 on Jul 29, '10 12:58:29AM

Nope, it happens to me too. Could be a pref, I'll try tomorrow and see.



[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: clusty on Jul 28, '10 07:26:13PM

the part about the licensing in the linked FAQ is totally bollox



[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: ershler on Jul 29, '10 11:27:30AM

From the 10.6.4 man page for ssh


The OpenSSH SSH client supports SSH protocols 1 and 2. Protocol 2 is the default, with ssh falling
back to protocol 1 if it detects protocol 2 is unsupported. These settings may be altered using the
Protocol option in ssh_config(5), or enforced using the -1 and -2 options (see above). Both protocols
support similar authentication methods, but protocol 2 is preferred since it provides additional mecha-
nisms for confidentiality (the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and
integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160). Protocol 1 lacks a strong mechanism for
ensuring the integrity of the connection.



[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: RossGGG on Aug 01, '10 08:50:12PM

While the terminal command for ssh does default to using the protocol specified in the ssh_config, the default option in the Remote Connection GUI window is SSH Protocol 1 in Snow Leopard. Because of this, it forces the generated SSH command to use the -1 flag, ignoring the preference for protocol 2. For some people this might not be a problem, if you typically execute your ssh commands from the prompt, but for the rest of us, it sort of negates the convenience of discovering and selecting ssh servers using the bonjour browser.



[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: joelbruner on Aug 02, '10 01:36:56PM

Exactly, it does defeat the ease of use... so, I let Apple know back on April 1st, Bug ID# 7798847, didn't make it into 10.6.4... :( turns out its a known Bug ID# 7004386... maybe one day they'll fix it, seems as though it is hardcoded into Terminal.app, why it got screwed up from 10.5 to 10.6 who knows...



[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: joelbruner on Aug 03, '10 02:28:46PM
For clarity's sake, when setting up the new listener to use _ssh._tcp. for the Bonjour name, it's the example they have next to it...

[ Reply to This | # ]