Request to add AES_256_CBC #24390

Closed
victorpng opened this issue Mar 17, 2020 · 2 comments

@victorpng

Hi,

I'm having an issue with the SSH of Terraform when the server only allows the AES_256_CBC cipher.

I searched past issues and also raised the issue on terraform-providers. I understand that it is due to the cipher missing from golang.
golang/go#36647

Current Terraform Version

Terraform v0.11.7
+provider.aws v2.45.0
+provider.panos v1.6.2

Use-case
To allow the SSH client to work on a server that only allows the CBC cipher

Attempted Solution
Nil. I am currently using another script to handle the setup of the server that requires SSH/SCP.

Proposal
There was this issue raised - #5279
I'm unable to replicate what he did, but I hope his method will work as the solution.

@jbardin
Member

jbardin commented Mar 17, 2020

Hi @victorpng,

Terraform relies on the Go SSH implementation, which does not support that particular cipher suite due to security questions and the prevalence of other more widely adopted cipher suites. The current standard cipher set for openssh does not include any CBC mode ciphers at all:

chacha20-poly1305@openssh.com,
aes128-ctr,aes192-ctr,aes256-ctr,
aes128-gcm@openssh.com,aes256-gcm@openssh.com

Since the SSH client implementation does not support that particular cipher, support for it is not something we can add.

Thanks!

@jbardin jbardin closed this as completed Mar 17, 2020
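
The negotiation failure described above, as an added example that is not part of the thread or of Terraform's or Go's code: it resolves a server's `Ciphers` directive from a constructed sshd_config and applies the RFC 4253 rule that the first cipher on the client's list that the server also offers is chosen. It assumes the list quoted above is both the client's supported set and the server's default set; the function names are illustrative.

```python
from fnmatch import fnmatchcase

# Cipher list quoted in the issue. Assumption: used here both as the client's
# supported set and as the server's default set (real sshd defaults vary by version).
PAGE_CIPHERS = [
    "chacha20-poly1305@openssh.com",
    "aes128-ctr", "aes192-ctr", "aes256-ctr",
    "aes128-gcm@openssh.com", "aes256-gcm@openssh.com",
]


def server_ciphers(sshd_config, defaults=PAGE_CIPHERS):
    """Resolve the first Ciphers directive, honouring its +, - and ^ prefixes."""
    for line in sshd_config.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0].lower() != "ciphers":
            continue  # comments ("#Ciphers ...") and other keywords are skipped
        spec = fields[1]
        names = spec.lstrip("+-^").split(",")
        if spec.startswith("+"):  # append to the default set
            return list(defaults) + names
        if spec.startswith("^"):  # place at the head of the default set
            return names + [c for c in defaults if c not in names]
        if spec.startswith("-"):  # remove from the default set, wildcards allowed
            return [c for c in defaults
                    if not any(fnmatchcase(c, pat) for pat in names)]
        return names  # a plain list replaces the defaults
    return list(defaults)


def negotiate(client, server):
    """RFC 4253 section 7.1: first cipher on the client's list the server also offers."""
    return next((c for c in client if c in server), None)


def audit(sshd_config, client=PAGE_CIPHERS):
    """Return the negotiated cipher (None means the handshake fails) and CBC ciphers offered."""
    offered = server_ciphers(sshd_config)
    return {"negotiated": negotiate(client, offered),
            "cbc_offered": [c for c in offered if "-cbc" in c]}


if __name__ == "__main__":
    # Constructed sshd_config samples, not taken from the issue.
    for cfg in ("Port 22\nCiphers aes256-cbc\n", "Ciphers +aes256-cbc\n", "Ciphers -*-ctr\n"):
        print(repr(cfg), audit(cfg))
```

The first sample reproduces the reported situation: the server offers only `aes256-cbc`, nothing overlaps with the client's list, and no cipher is negotiated.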
@ghost

ghost commented Apr 17, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 17, 2020