No, this is not an option. Also note, that this breaks a lot of workflows without reason, because Ubuntu ssh client simply stops working with a message like "~/.ssh/config line 3: Bad SSH2 cipher spec '...'": it simply does not know such ciphers (does not ignore them). So especially in environments with shared homes bionic (the usual case in enterprises?) cannot be deployed (and telling people, that they need to use different options when the are on bionic, is simply is useless pain for the users as well as company hotlines).
Ubuntu should do, what all major enterprise ready distributions/unices do, i.e. bundle support for those ciphers for backward compatibility, but disable them per default). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1769284 Title: ssh client: blowfish-cbc required - missing in bionic Status in openssh package in Ubuntu: Won't Fix Status in openssh-ssh1 package in Ubuntu: Fix Released Bug description: In bionic openssh client/server ships without blowfish-cbc, arcfour, arcfour128, arcfour256 and cast128-cbc. Unfortunately they are required for backward compatibility, especially for embedded devices, which do not support other ciphers (e.g. Rittal Liquid Cooling Package for racks). So disable them per default is ok, but one should still be able to use them on demand for older, non-upgradable HW/SW envs. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1769284/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
