Re-enable older SSH clients to connect with newer servers

By on

Newer Linux distributions have started disabling older ciphers in the SSH server, but what if you really need one of those old ciphers?

I run Manjaro on my main desktop, but it has recently disabled certain old ciphers from connecting. That is generally a good thing: older ciphers aren't as secure.

However, I have a windows 98 computer for retro computing purposes, and I like to use (an ancient version of) WinSCP to copy over files from my main linux machine. But it only knows old ciphers, so I was unable to connect to the linux computer.

All I had to do, was enable a single old cipher in the /etc/ssh/sshd_config file. By adding this option:

KexAlgorithms +diffie-hellman-group1-sha1

Then I had to restart the SSH server and voila, it works!


Jelle De Loecker