× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2020

Re: sshd fatal - no matching cipher found

Yea - I looked at it closer. ADDTCPPORT restricts which user profiles can bind to a port. So it limits who can run the server. The example IBM gives is stopping some host servers by not allowing QSECOFR to be the user profile binding to the port. https://www.ibm.com/support/pages/how-disable-ip-tls-or-both-ports-ibm-i-host-servers. This makes sense. If it was happening at auth time, then every application would need to know about it.




On Wed, 2020-02-19 at 21:46 +0100, Patrik Schindler wrote:

Hello Kevin,


Am 19.02.2020 um 20:19 schrieb Kevin Bucknum <

<mailto:Kevin@xxxxxxxxxxxxxxxxxxx>

Kevin@xxxxxxxxxxxxxxxxxxx

:


ADDTCPPORT may be able to lock it down. I haven't tried it. And there are config options in the sshd_config file that you can use. MATCH ADDRESS being the primary one.


As far as I'm aware, this is not a firewall but a way to tie IP ports to user profiles. From the help text I deduct this is a crude way to suppress local users using every possible port on outgoing connections.


:wq! PoC


PGP-Key: DDD3 4ABF 6413 38DE -

<https://www.pocnet.net/poc-key.asc>

https://www.pocnet.net/poc-key.asc






[https://www.medtronsoftware.com/img/MedtronMinilogo.bmp] Kevin Bucknum
Senior Programmer Analyst
MEDDATA / MEDTRON
120 Innwood Drive
Covington LA 70433
Local: 985-893-2550
Toll Free: 877-893-2550
https://www.medtronsoftware.com



CONFIDENTIALITY NOTICE

This document and any accompanying this email transmission contain confidential information, belonging to the sender that is legally privileged. This information is intended only for the use of the individual or entity named above. The authorized recipient of this information is prohibited from disclosing this information to any other party and is required to destroy the information after its stated need has been fulfilled. If you are not the intended recipient, or the employee of agent responsible to deliver it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or action taken in reliance on the contents of these documents is STRICTLY PROHIBITED. If you have received this email in error, please notify the sender immediately to arrange for return or destruction of these documents.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.