On 2014-03-31 13:51, Tom Hayward wrote:
On Mon, Mar 31, 2014 at 11:02 AM, Bill Vodall <wa7nwp@gmail.com> wrote:
SSH had cipher=none. They disabled it. They removed it because somebody might accidentally use it.
The High Performance SSH folks put it back.
https://launchpad.net/~w-rouesnel/+archive/openssh-hpn
I'd start there if (when) I get back to 44 net use.
We started here, or at least are aware of it.
The problem is that we don't know how to replace the SSH daemon that's built into ROS. Sure, we could run OpenWRT in a metarouter on the modem, then normal SSH from the metarouter to ROS (all within the CPU, encryption doesn't matter). A better solution would be to distribute a .npk that you can upload to your modem to replace the built-in SSH. Mikrotik does not provide an SDK for this, so we're trying to reverse engineer their package format to see if we can generate our own.
A few more search iterations gave me https://github.com/kost/mikrotik-npk Also replacing sshd should be mandatory, looks like it has a back door? http://kingcope.wordpress.com/2013/09/02/mikrotik-routeros-5-and-6-sshd-remo...