1. Forum
  2. FSXNet
  3. FSX MYS

  • SSH for Netrunner?

    From Shurato@21:2/148 to All on Wed Apr 17 12:15:00 2024
    What restrictions for my SSH server do I need to relax to allow netrunner connections? I googled it, but google results for BBS technology are quite limited. I'd like to allow netrunner to connect to my ssh (though I prefer
    ssl websocket connections from icyterm (does anything else other than ftelnet and icyterm support this?)), but right now it can't. Apam suggested this,
    and I didn't realize it was even an option, but I'm totally unsure on what security methods to remove as required for this to take effect.

    My SSH connection is through a debian VM that then telnets internally to the BBS, keeping everything under the SSH tunnel externally. I don't like doing that, and the BBS isn't too keen (It becomes unresponsive if the user has
    more than a couple personal messages, and the files area doesn't work for
    some reason.) on it. Websocket connections work great!

    --- shsbbs.net
    Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
    ,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


    *** THE READER V4.50 [freeware]
    ---
    * Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (21:2/148)
  • From Zip@21:1/202 to Shurato on Wed Apr 17 20:54:30 2024
    Hello Shurato!

    On 17 Apr 2024, Shurato said the following...

    What restrictions for my SSH server do I need to relax to allow netrunner connections? I googled it, but google results for BBS technology are quite limited. I'd like to allow netrunner to connect to my ssh (though

    I believe you would need to allow CBC ciphers (as at least older versions of cryptlib don't appear to support GCM ciphers). Have a look at the "Ciphers" section of 'man 5 sshd_config'; you might wish to include e.g. "aes256-cbc" among the ones listed there.

    Hope this helps!

    Best regards
    Zip

    --- Mystic BBS v1.12 A49 2023/04/30 (Linux/64)
    * Origin: Star Collision BBS, Uppsala, Sweden (21:1/202)
  • From Shurato@21:2/148 to Zip on Wed Apr 17 13:40:00 2024

    Hello Shurato!

    On 17 Apr 2024, Shurato said the following...

    What restrictions for my SSH server do I need to relax to allow
    netrunner
    connections? I googled it, but google results for BBS technology are quite limited. I'd like to allow netrunner to connect to my ssh
    (though

    I believe you would need to allow CBC ciphers (as at least older versions of cryptlib don't appear to support GCM ciphers). Have a look at the "Ciphers" section of 'man 5 sshd_config'; you might wish to include e.g. "aes256-cbc" among the ones listed there.

    as a prophylactic, I added all of the cbc ciphers (as shown from the results
    of sshd -Q cipher below):
    3des-cbc
    aes128-cbc
    aes192-cbc
    aes256-cbc
    aes128-ctr
    aes192-ctr
    aes256-ctr
    aes128-gcm@openssh.com
    aes256-gcm@openssh.com
    chacha20-poly1305@openssh.com

    I'm still not connecting, it just times out.

    --- shsbbs.net
    Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
    ,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


    *** THE READER V4.50 [freeware]
    ---
    * Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (21:2/148)
  • From Shurato@21:2/148 to Zip on Wed Apr 17 15:11:00 2024

    Hello Shurato!

    On 17 Apr 2024, Shurato said the following...

    What restrictions for my SSH server do I need to relax to allow
    netrunner
    connections? I googled it, but google results for BBS technology are quite limited. I'd like to allow netrunner to connect to my ssh
    (though

    I believe you would need to allow CBC ciphers (as at least older versions of cryptlib don't appear to support GCM ciphers). Have a look at the "Ciphers" section of 'man 5 sshd_config'; you might wish to include e.g. "aes256-cbc" among the ones listed there.

    I had a typo (which I'm prone too... of cbs instead of cbc and killed my
    sshd). It's working with netrunner now!

    I googled it, now that I had more to work with and aes128-cbc is the
    cipher used by netrunner.

    --- shsbbs.net
    Shurato, Sysop Shurato's Heavenly Sphere (ssh, telnet, pop3, ftp,nntp,
    ,wss) (Ports 22,23,110,21,119,8080) (ssh login 'bbs' pass 'shsbbs').


    *** THE READER V4.50 [freeware]
    ---
    * Origin: Shurato's Heavenly Sphere telnet://shsbbs.net (21:2/148)
  • From Alonzo@21:1/130 to Shurato on Wed Apr 17 18:27:55 2024
    I had a typo (which I'm prone too... of cbs instead of cbc and killed my sshd). It's working with netrunner now!

    Congratulations! It's those little details that will mess you ±up
    every time.

    ... Consultant: A person who makes good on a salesman's promises!

    --- Mystic BBS v1.12 A48 (Windows/64)
    * Origin: From the depths of Bunker 3 (21:1/130)
  • From Zip@21:1/202 to Shurato on Thu Apr 18 17:13:18 2024
    Hello Shurato!

    On 17 Apr 2024, Shurato said the following...

    I had a typo (which I'm prone too... of cbs instead of cbc and killed my sshd). It's working with netrunner now!

    Glad to hear that! =)

    I googled it, now that I had more to work with and aes128-cbc is the cipher used by netrunner.

    Ah! That's good to know. I know Mystic's SSH server accepts aes256-cbc, so I thought maybe it would be the same for NetRunner... almost, then. =)

    Best regards
    Zip

    --- Mystic BBS v1.12 A49 2023/04/30 (Linux/64)
    * Origin: Star Collision BBS, Uppsala, Sweden (21:1/202)