On Ubuntu 12.04 / OpenSSH_5.9p1 Debian-5ubuntu1 trying to initiate a connection with hmac-sha2-512 and diffie-hellman-group1-sha1 results in OpenSSH killing the connection after the SSH_MSG_KEXINIT packet is sent. The OpenSSH error logs state the following: debug2: mac_setup: found hmac-sha2-512 [preauth] debug1: kex: server->client arcfour256 hmac-sha2-512 none [preauth] dh_gen_key: group too small: 1024 (2*need 1024) [preauth] debug1: do_cleanup [preauth] This behavior, I believe, is in error as the shared secret produced by the diffie-hellman key exchange is essentially extended to the appropriate length by successive hashes that are concatenated together per RFC4253#section-7.2 Also, it works fine in Ubuntu 14.04 / OpenSSH_6.6p1 Ubuntu-2ubuntu1. My question is... for what versions of OpenSSH an issue? I'd like to hide hmac-sha2-512 from the list of supported MAC's the client sends over for all the affected SSH servers (ie. similar to how PuTTY handles SSH server bugs with http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter4.html#config-ssh-bugs). To do so, however, I need to know what I need to look for in the identification strings. ie. if this issue was present on all versions of OpenSSH prior to 6.5 I could just look for any identification string for which substr(identification-string, 8, 3) < '6.5'. If the issue is present in any server who's identification string ends with Debian-5ubuntu1 I could make a similar check for that. I just need to know what I should be checking for. Is there perchance a link that'd discuss this in more detail? _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev