Update the list of supported suites for SSH
Hello,
Recently I wanted to set up the backup feature in the controller, but I got errors instead.
My server's auth log stated:
Aug 17 12:51:45 <my_server> sshd[3859440]: error: Received disconnect from <controller_ip> port 55986:3: com.jcraft.jsch.JSchException: java.lang.ClassNotFoundException: com.jcraft.jsch.DHGEX256 [preauth]
Sure, I could get around that, but this isn't addressing the issue - controller relies on suites (here: KEX) that are now considered to be legacy.
This is quite weird because I've used software controller before moving to OC200 and though I have a basic hardening (CIS v2), it worked like a charm. It's like software-based and hardware-based controllers are deployed from entirely different branches.
Anyway, since this seems to be a matter of updating a single file in the release to make it support modern suites, could you please include that in the future release?
Thanks for posting here.
To confirm,
1. is the mentioned backup feature referring to the WAN link backup?
2. Do you mean it worked well on software controllers?
I am not able to send a regular post, I'm getting an absurd error, so I had to resort to posting an image instead of actual text.
Could someone explain what the heck is going on here? What external links?
