- Log in to ARM600's WHMI as the arctic-adm user.
- On the left pane under the VPN menu, select SSH-VPN.
Under Global Settings, the current state of the SSH legacy mode is shown.
Figure 1. SSH legacy mode status - Click Edit settings to enable or disable the mode.
- Clear the check box next to Enable SSH legacy mode to disable the SSH legacy mode. Click the check box to enable the legacy mode.
- Click Confirm settings to confirm the changes.
- For the changes to take effect, restart the SSH-VPN server by pressing Restart server on the SSH-VPN page.
Due to the security risk inherent in the SSH legacy mode, a notification is shown at the top of ARM600's WHMI when it is active. The notification can be dismissed by clicking the link to the right of the notification and confirming it permanently by selecting the Do not show this again check box followed by clicking Confirm.
Note: Restarting the SSH-VPN server does not immediately affect already connected peers. For example, after disabling the SSH legacy mode, already connected peers use the legacy SSH server until the connection is broken. The next time they connect, the peers use the non-legacy OpenSSH server. It is possible to force peers to reconnect by, for example, disabling and re-enabling each peer individually by clicking the Disable button, followed by clicking Enable on the SSH-VPN page in the list of peers.Note: After disabling the SSH legacy mode, any peers with an SSH1 RSA key are no longer able to connect to ARM600. The key type of each peer is listed on the SSH-VPN page.
- On the left pane under the VPN menu, select SSH-VPN.
Under Global Settings, the current state of the SSH legacy mode is shown.
Figure 1. SSH legacy mode status