From b94e17e8f33e499989f021a976960111e372c192 Mon Sep 17 00:00:00 2001
From: "Greg T. Wallace" <greg@gregtwallace.com>
Date: Tue, 18 Jun 2024 21:30:41 -0400
Subject: [PATCH] readme: update info regarding insecure ssh ciphers

---
 README.md | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 119a724..fb1cae5 100644
--- a/README.md
+++ b/README.md
@@ -22,9 +22,12 @@ setup) is:
 If you have problems you can post the log in an issue and I can try to fix it
 but it may be difficult without your particular hardware to test with.
 
-In particular, if you are experiencing `ssh: handshake failed:` please run 
-`ssh -vv myups.example.com` and include the `peer server KEXINIT proposal`
-in your issue. For example:
+In particular, if you are experiencing `ssh: handshake failed:` first try
+using the `--insecurecipher` flag. If this works, you should upgrade your
+NMC to a newer firmware which includes secure ciphers. You should NOT automate
+your environment using this flag as SSH over these ciphers is broken and
+exploitable. If this also does not work, please run `ssh -vv myups.example.com`
+and include the `peer server KEXINIT proposal` in your issue. For example:
 
 ```
 debug2: peer server KEXINIT proposal