On Sat, May 23, 2015 at 12:30 AM, David McBride <dwm37@xxxxxxxxx> wrote:

> On Fri, May 22, 2015 at 12:27:01, Darren Tucker <dtucker@xxxxxxxxxx>
> wrote:
>
> > Note that PuTTY does do Diffie-Hellman Group Exchange, but until very
> > recently (i.e. after their 0.64 release) they didn't do the one that was
> > actually standardized in RFC4419. OpenSSH recently removed support for
> > that non-standard one and as a result we don't offer DHGEX to PuTTY
> > versions <= 0.64 so they'll fall back to group14 (2k bit fixed group).
>
> I think this is wrong.
>
> This commit [0] from 2005 appears to show the addition of
> diffie-hellman-group-exchange-sha256 support to PuTTY.
>

You're right, thanks for pointing this out. When I looked at it I was
specifically looking at group-exchange-sha1 (because that was the thing
using the deprecated format) and overlooked sha256.

That does mean that there's a stronger case for removing 1kbit and 1.5kbit
groups from the moduli file because that would result in stronger groups
being used for versions of PuTTY from then until 0.64, which is the current
release as I write this.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
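The message above argues for removing the 1kbit and 1.5kbit groups from the moduli file. The following is an added example, not code from the thread or from OpenSSH, showing one way to audit and filter a moduli file by group size; the function names are hypothetical and the sample entries are constructed with placeholder moduli rather than real primes.

```shell
#!/bin/sh
# moduli(5) line format: time type tests tries size generator modulus
# The size field holds the bit length minus one, so a 2048-bit group
# appears as 2047. Compare against size + 1, not the raw field.

# filter_moduli MIN_BITS  (reads a moduli file on stdin, writes kept lines)
filter_moduli() {
    awk -v min="$1" '
        /^[ \t]*#/ || NF == 0 { print; next }  # keep comments and blank lines
        NF != 7 { next }                        # drop malformed entries
        ($5 + 1) >= min { print }               # keep groups of at least min bits
    '
}

# count_by_size  (reads a moduli file on stdin, prints "bits count" per size)
count_by_size() {
    awk '!/^[ \t]*#/ && NF == 7 { n[$5 + 1]++ }
         END { for (b in n) print b, n[b] }' | sort -n
}

# Constructed sample input; moduli are shortened placeholders.
sample_moduli() {
cat <<'EOF'
# Time Type Tests Tries Size Generator Modulus
20150522000000 2 6 100 1023 2 C0FFEE01
20150522000001 2 6 100 1535 2 C0FFEE02
20150522000002 2 6 100 2047 2 C0FFEE03
20150522000003 2 6 100 3071 5 C0FFEE04
20150522000004 2 6 100 4095 2 C0FFEE05
EOF
}

echo "before:"; sample_moduli | count_by_size
echo "after (>= 2048 bits):"; sample_moduli | filter_moduli 2048 | count_by_size
```

On a real host, write the filtered output to a temporary file, confirm that `count_by_size` still reports groups at the sizes clients will request, and only then replace the installed moduli file.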