ssh unkown cipher type error

jimmy75_13 · August 12, 2011, 4:57am

Hello everyone,

I am attempting to execute a script through SSH and am getting "unkown cipher type error".... Here is my command:

ssh paydvopl02 -c '"/home/jpassema/test.sh 1"'

and the actual error message :

Unknown cipher type '"/home/jpassema/test.sh 1"'

the test.sh script is executable and ssh keys hve been shared for the user. However, the following command works just fine

ssh paydvopl02 '"/home/jpassema/test.sh"'

Thanks for your inputs

pludi · August 12, 2011, 5:15am

man man ssh (Linux):

-c cipher_spec
Selects the cipher specification for encrypting the session.

     Protocol version 1 allows specification of a single cipher.  The supported values are "3des", "blowfish", and "des".  3des \(triple-des\) is an encrypt-decrypt-encrypt triple with three dif- ferent keys.  It is believed to be secure.  blowfish is a fast block cipher; it appears very secure and is much faster than 3des.  des is only supported in the ssh client for interoperabil- ity with legacy protocol 1 implementations that do not support the 3des cipher.  Its use is strongly discouraged due to crypto- graphic weaknesses.  The default is "3des".

     For protocol version 2, cipher_spec is a comma-separated list of ciphers listed in order of preference.  The supported ciphers are: 3des-cbc, aes128-cbc, aes192-cbc, aes256-cbc, aes128-ctr, aes192-ctr, aes256-ctr, arcfour128, arcfour256, arcfour, blow- fish-cbc, and cast128-cbc.  The default is:

	   aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
	   arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
	   aes192-ctr,aes256-ctr

Meaning the -c option isn't the same as for bash/ksh/... where it means "I only want to run 1 command". Besides, you have too many quotes around the command itself.

jimmy75_13 · August 12, 2011, 5:27am

How can i specify in a KSH script the cipher type in a SSH command?

As for the quotes, if i don't put them in, the parameter doesn't go through the SSH command....

pludi · August 12, 2011, 5:40am

Why would you want to specify a cipher type if the command works just fine without it?

jimmy75_13 · August 12, 2011, 5:45am

I want to be able to execute a script with arguments through SSH in a KSH script, and as it so happens, the "-c" option allows me to send my arguments through, but raises that "cipher issue".

pludi · August 12, 2011, 6:03am

Um, no:

pludi@background:~$ cat /tmp/args.sh
#!/bin/bash

i=0
for arg in "$@"
do
   echo "Argument $((++i)) is $arg"
done
pludi@background:~$ ssh localhost /tmp/args.sh Foo Bar Baz '"Total SNAFU"'
pludi@localhost's password:
Argument 1 is Foo
Argument 2 is Bar
Argument 3 is Baz
Argument 4 is Total SNAFU

jimmy75_13 · August 12, 2011, 10:30am

Sorry you're absolutely right about the arguments, the reason i had the quotes is because ultimately i wish to ssh followed by a sudo like so :

ssh HOST sudo su - user /path/test.sh ARG

---------- Post updated at 04:30 PM ---------- Previous update was at 02:04 PM ----------

Thanks for your help, i'm not stuck anymore........