I went to SSH into one of my UTM9 machines today and was getting rejected. Took some digging but it appears the stock ssh configs on my Fedora 26 laptop have been updated to include the line below.
Ciphers aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes256-cbc,aes128-gcm@openssh.com,aes128-ctr,aes128-cbc,3des-cbc
It appears in /etc/crypto-policies/back-ends/openssh.config which is included by /etc/ssh/ssh_config.d/05-redhat.conf which is included by /etc/ssh/ssh_config.With that line in place, attempts to SSH to the UTM9 machine as root (using an RSA key that is loaded into the firewall's UI and has worked before) result in a simple "Connection Closed by X.X.X.X port 22" error. More verbose logging doesn't yield anything obvious to me. Comment out that line and it works as before.
I did some poking around and was able to work around it by adding "Ciphers +aes192-ctr" to the section in my ~/.ssh/config that applies to the firewall.
This thread was automatically locked due to age.