On 2015-04-03, Riccardo Mottola <riccardo.mott...@libero.it> wrote: > Hi, > > I want to connect to my OpenBSD box from my iPhone. When I connect to it > with zaTelnet I get> > > key exchange... > "Server must support diffie-hellman-group1-sha1" > > I run query on localhost this way: > $ ssh -Q kex localhost > diffie-hellman-group1-sha1 > diffie-hellman-group14-sha1 > diffie-hellman-group-exchange-sha1 > diffie-hellman-group-exchange-sha256 > ecdh-sha2-nistp256 > ecdh-sha2-nistp384 > ecdh-sha2-nistp521 > curve25519-sha...@libssh.org > > So I am confused. Is query reporting bogus results or maybe I do need to > enable something explicitely in sshd_config? > Or is instead zaTelnet dumb? > > Riccardo > >
See this: http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/www/faq/current.html?rev=1.521&content-type=text/html#20140603 ssh permits a wider range of ciphers/kex/MACs than sshd does by default.
