The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,482 other followers

Mikrotik RouterOS “/ip ssh” setting not available from WinBox and defaulting to insecure?

Posted by jpluimers on 2021/09/20

Still need to research this further:

Somewhere around 6.44, when upgrading an existing RouterOS device, this snippet became part of the configuration:

/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote

A few remarks:

  • I could not find anything in WinBox that is equivalent.
  • This sounds very insecure, so I have run this script:
    /ip ssh
    set allow-none-crypto=no forwarding-enabled=no

    which makes the snippet to disappear (because they are default settings according to [WayBack] Manual:IP/SSH – MikroTik Wiki).

    Like usual, the on-line documentation is dense and insufficiently clear, hence my measure.

In the future, I need to decipher these posts (via [WayBack] winbox ssh allow none crypto – Google Search and [WayBack] winbox ssh forwarding enabled remote – Google Search):

–jeroen

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

 
%d bloggers like this: