User Specific ssh/sftp/scp Customizations in CentOS.
- November 3rd, 2017
- Posted in Documentation
- Write comment
I ran into a situation where I was trying to place files for support, and they only supported 3des ciphers (3des-cbc,blowfish-cbc,3des-cbc). The global ssh client configuration on my system only supported aes ciphers. Instead of adding the 3des to the global configuration (/etc/ssh/ssh_config), I wanted to add it to just one account.
$ vi ~/.ssh/config
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,3des-cbc
$ chmod 400 ~/.ssh/config
Then, I could run ssh/sftp/scp with -vvv to verify. You should see the following output:
…
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,3des-cbc
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,3des-cbc
…
Of course, you can add any customization you want to the ~/.ssh/config file you want. This is just an example. What got me was the global config file is call ssh_config, while the user config file is called config. man ssh_config help me discover the correct name. If you do not have the correct name, you need to pass a -F myspecialcustomconfigfile to the ssh/sftp/scp command.
No comments yet.