Skip to main content

OpenSSH config parser borked in MacOS X?

Sometimes I like to use certain ciphers for different hosts (for performance reasons). But the OpenSSH version (v5.1p1, OpenSSL 0.9.7l 28 Sep 2006) in MacOS 10.4.11 seems to read the config only halfway:

alice$ cat .ssh/config.test 
Host *
        Ciphers                 arcfour128
Host bob
        Ciphers                 arcfour

alice$ ssh -F .ssh/config.test bob
no matching cipher found: client arcfour128 server aes128-cbc,3des-cbc,[...]
cbc,arcfour
It should've used 'arcfour', since the SSH.com ssh2d does not understand all OpenSSH ciphers. When changing the global cipher preferences to something else, everything works as expected:
alice$ cat .ssh/config.test 
Host *
        Ciphers                 aes128-cbc
Host bob
        Ciphers                 arcfour

alice$ ssh -F .ssh/config.test bob
Password: