Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the '10.6: Change remote ssh connections default' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.6: Change remote ssh connections default
Authored by: ershler on Jul 29, '10 11:27:30AM

From the 10.6.4 man page for ssh

The OpenSSH SSH client supports SSH protocols 1 and 2. Protocol 2 is the default, with ssh falling
back to protocol 1 if it detects protocol 2 is unsupported. These settings may be altered using the
Protocol option in ssh_config(5), or enforced using the -1 and -2 options (see above). Both protocols
support similar authentication methods, but protocol 2 is preferred since it provides additional mecha-
nisms for confidentiality (the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and
integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160). Protocol 1 lacks a strong mechanism for
ensuring the integrity of the connection.

[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: RossGGG on Aug 01, '10 08:50:12PM

While the terminal command for ssh does default to using the protocol specified in the ssh_config, the default option in the Remote Connection GUI window is SSH Protocol 1 in Snow Leopard. Because of this, it forces the generated SSH command to use the -1 flag, ignoring the preference for protocol 2. For some people this might not be a problem, if you typically execute your ssh commands from the prompt, but for the rest of us, it sort of negates the convenience of discovering and selecting ssh servers using the bonjour browser.

[ Reply to This | # ]
10.6: Change remote ssh connections default
Authored by: joelbruner on Aug 02, '10 01:36:56PM

Exactly, it does defeat the ease of use... so, I let Apple know back on April 1st, Bug ID# 7798847, didn't make it into 10.6.4... :( turns out its a known Bug ID# 7004386... maybe one day they'll fix it, seems as though it is hardcoded into, why it got screwed up from 10.5 to 10.6 who knows...

[ Reply to This | # ]