Skip to main content

Notes on SSH


Notes on SSH
  1. For security reasons, in XCP 2362, you cannot use some of the encryption algorithms used for SSH connection.
    If SSH connection fails, update the SSH connection destination client and server, or change their settings.
    - Encryption algorithms that cannot be used for SSH connection by XCP 2362 or later

       aes128-cbc, aes192-cbc, aes256-cbc
    - Encryption algorithms that can be used for SSH connection by XCP 2362 or later

       aes128-ctr, aes192-ctr, aes256-ctr
  1. OpenSSL security fix (RTIF2-210506-001) in XCP 2400. This fix changes the "Fingerprint:" display of the showssh command. In XCP 2400 or later, "SHA256" and "no comment" are displayed. The file path name is not displayed.
    For details on the showssh(8) command, see the Fujitsu SPARC M12 and Fujitsu M10/SPARC M10 XSCF Reference Manual of the XCP version that you use.
  1. [Display example]
    - XCP 2400 or later
RSA key:
 :
Fingerprint:
2048 SHA256:jKM3wOwUOnQUX6LRWS5+3ji7f2ji7cN5naaDhCUQufw no comment (RSA)
DSA key:
 :
Fingerprint:
1024 SHA256:weptlraZ1EyZ4t4vbwX9zBR36REvQteyVq/Z/E3fR6M no comment (DSA) 
  1. - XCP 2362 or earlier
RSA key:
 :
Fingerprint:
1024 e4:35:6a:45:b4:f7:e8:ce:b0:b9:82:80:2e:73:33:c4 /etc/ssh/ssh_host_rsa_key.pub
DSA key:
 :
Fingerprint:
1024 9e:39:8e:cb:8a:99:ff:b4:45:12:04:2d:39:d3:28:15 /etc/ssh/ssh_host_dsa_key.pub