FYI HEAD now refuses <1024 bit DH keys in group-exchange

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Hi,

I just committed a change to HEAD that raises the minimum Diffie-Hellman
group size that the client will accept from 1024 to 2048 bits.
Connections to well-behaved servers should not be affected by this
change, but I've identified at least one case where a misconfigured
server can cause connection failure. The errors look like:

> ssh_dispatch_run_fatal: Connection to 10.1.1.1: DH GEX group out of
> range

The problematic software is OpenSSH <3.9 or Sun_SSH (all versions).
It will use a fixed 1024 bit DH group as an implicit fallback if
/etc/ssh/moduli is missing, unreadable or empty.

Hopefully nobody is still using such an ancient OpenSSH (>10 years
old!), so the Sun_SSH case is more likely. If this change prevents you
from connecting to a server, then the workaround is to explicitly use
the weak diffie-hellman-group1-sha1 key exchange method to connect, i.e.

ssh -oKexAlgorithms=diffie-hellman-group1-sha1 user@host

Once you are logged in, restore a good /etc/ssh/moduli (you can copy
one from OpenSSH HEAD[1]), log out and try to log in again without the
KexAlgorithms option. It should work fine.

We always appreaciate reports from people who are able to test HEAD in
their environments and I'm particularly interested in reports of similar
failures.

-d

[1] https://anongit.mindrot.org/openssh.git/plain/moduli
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux