Monday, 21 September 2020

SSL and Ciphers on my Synology DiskStation

 Whilst tinkering with my Synology DS-414 Network Attached Storage (NAS), I was trying/failing to SSH into the box: -

ssh -p 8822 admin@diskstation

I was seeing: -

Unable to negotiate with 192.168.1.17 port 8822: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc

Thankfully this is easy to mitigate - I merely needed to see what ciphers my Mac had: -

ssh -Q cipher

3des-cbc
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

and then choose my favourite: -

ssh -p 8822 -c aes256-cbc admin@diskstation

admin@diskstation's password: 
admin@DiskStation:~$ 

Once I added my SSH public key: -

vi ~/.ssh/authorized_keys 

I was off to the races !

No comments:

Yay, VMware Fusion and macOS Big Sur - no longer "NAT good friends" - forgive the double negative and the terrible pun ...

After macOS 11 Big Sur was released in 2020, VMware updated their Fusion product to v12 and, sadly, managed to break Network Address Trans...