Information Security

Resources

IT Services have recently updating the list of permitted secure shell ciphers, algorithms, and key exchange protocols on a number of systems, including unix.sussex.ac.uk

This update is part of our ongoing efforts to harden our systems by taking a pro-active approach to security.

The primary change which users of unix.sussex.ac.uk and other ssh servers will see is a change in the servers’ fingerprint. You may see an error message lilke this:

Possible warning message for new host key on unix.sussex.ac.uk

The fingerprint for unix.sussex.ac.uk is available below. Please check that the fingerprint shown below is the fingerprint which is offered by the ssh server so that you can be sure that you are connecting to the correct server

Some users may see an error connecting to the ssh server. In this case please ensure that you have the latest version of your ssh client (e.g. putty 0.70, WinSCP 5.9.6) and that you are running a supported operating system (see below). IT Services has tested this change extensively and has found no issues with the most up to date ssh clients.

FINGERPRINT: SHA256:cDphVvdJsiHQsu5g9RrZPswAnChsIDH9Xow9yUj/p9c

 

Supported operating systems and clients:

  • Microsoft Windows: ensure you are running Windows 7 or higher and that your ssh client is running the latest version
  • MAC OSX: ensure you are running at least version.  Early versions are not supported.
  • Centos: ensure you are running the latest version
  • Android: ensure you are running version 6 or later and if the ssh client still won’t connect, contact the author or use Total Commander
  • iOS: ensure you are running version 11.2.6 or later, and if the ssh client still connect won’t, contact the author

SHA256:cDphVvdJsiHQsu5g9RrZPswAnChsIDH9Xow9yUj/p9c