On Sat, May 23, 2015 at 12:30 AM, David McBride <dwm37@xxxxxxxxx> wrote:

> On Fri, May 22, 2015 at 12:27:01, Darren Tucker <dtucker@xxxxxxxxxx>
> wrote:
>
> > Note that PuTTY does do Diffie-Hellman Group Exchange, but until very
> > recently (i.e. after their 0.64 release) they didn't do the one that was
> > actually standardized in RFC4419. OpenSSH recently removed support for
> > that non-standard one and as a result we don't offer DHGEX to PuTTY
> > versions <= 0.64 so they'll fall back to group14 (2k bit fixed group).
>
> I think this is wrong.
>

I've looked into it some more and unfortunately it's not wrong.

> This commit [0] from 2005 appears to show the addition of
> diffie-hellman-group-exchange-sha256 support to PuTTY.
>

diffie-hellman-group-exchange-sha256 and diffie-hellman-group-exchange-sha1
use the same message type defined in RFC4419 to request a group, and PuTTY
up to 0.64 uses the same deprecated message type (30) for both. See
> https://anongit.mindrot.org/openssh.git/commit/?id=318be28cda1fd9108f2e6f2f86b0b7589ba2aed0
>
> + if ((datafellows & SSH_OLD_DHGEX) != 0) {
> + p = filter_proposal(p, "diffie-hellman-group-exchange-sha256");
> + p = filter_proposal(p, "diffie-hellman-group-exchange-sha1");
> + }
>
> I've also just successfully connected to a local test OpenSSH server
> (v6.7p1, as packaged by Debian) with only
> diffie-hellman-group-exchange-sha256 enabled with an older release of
> PuTTY (0.63) without any issue.
>

The removal of the pre-RFC4419 message type in OpenSSH was made after the
last release. Please retry your test with a current development snapshot.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
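
Review bot: In the quoted SSH_OLD_DHGEX hunk above, the two filter_proposal calls can strip every key exchange method from p when the server is configured with only group-exchange methods, which is the setup described in this thread (only diffie-hellman-group-exchange-sha256 enabled). Nothing in these lines logs that DHGEX was withheld because of the compat flag, so the resulting negotiation failure would be hard to diagnose. A debug message inside the branch, plus a short comment stating that the flag marks clients that send the pre-RFC4419 request type (30), would make the intent clear.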
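
As an added illustration (not code from this thread or from OpenSSH), the C example below tells the two group-request forms apart by their first byte: the deprecated type 30 that PuTTY up to 0.64 sends for both DHGEX methods, and the type 34 request. The enum, struct, function name and sample bytes are constructed for the example; the message numbers and payload layouts are the ones given in RFC 4419.

```c
#include <stdint.h>
#include <stdio.h>

/* Message numbers from RFC 4419. */
#define SSH_MSG_KEX_DH_GEX_REQUEST_OLD 30
#define SSH_MSG_KEX_DH_GEX_REQUEST     34

enum dhgex_kind { DHGEX_MALFORMED = -1, DHGEX_STANDARD = 0, DHGEX_LEGACY = 1 };
struct dhgex_req { uint32_t min, n, max; };  /* hypothetical holder, not OpenSSH's */

/* Constructed samples: min=2048 n=3072 max=8192, and legacy n=2048. */
static const uint8_t sample_std[13] = {34, 0,0,8,0, 0,0,12,0, 0,0,32,0};
static const uint8_t sample_old[5] = {30, 0,0,8,0};

/* Read a big-endian uint32, as used on the SSH wire. */
static uint32_t get_u32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Type 34 carries min, n, max (13 bytes); type 30 carries only n (5 bytes),
 * in which case min and max are left at 0. */
enum dhgex_kind classify_dhgex_request(const uint8_t *buf, size_t len,
                                       struct dhgex_req *out)
{
    out->min = out->n = out->max = 0;
    if (len == 13 && buf[0] == SSH_MSG_KEX_DH_GEX_REQUEST) {
        out->min = get_u32(buf + 1);
        out->n = get_u32(buf + 5);
        out->max = get_u32(buf + 9);
        /* Sanity check: the preferred size must lie inside the range. */
        if (out->min > out->n || out->n > out->max)
            return DHGEX_MALFORMED;
        return DHGEX_STANDARD;
    }
    if (len == 5 && buf[0] == SSH_MSG_KEX_DH_GEX_REQUEST_OLD) {
        out->n = get_u32(buf + 1);
        return DHGEX_LEGACY;
    }
    return DHGEX_MALFORMED;  /* wrong type, truncated, or trailing bytes */
}

int main(void)
{
    struct dhgex_req r;
    printf("std: %d\n", classify_dhgex_request(sample_std, sizeof sample_std, &r));
    printf("old: %d\n", classify_dhgex_request(sample_old, sizeof sample_old, &r));
    return 0;
}
```

A server-side log line keyed on the legacy result is one way to find clients that still need upgrading before the old request type is dropped.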