OpenSSH 6.6 - DH_GEX group out of range: 1536 !< 1024 !< 8192 [I]

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

Classification: For internal use only

Hi all,

recently we've moved from OpenSSH 6.2 to OpenSSH 6.6. Since we moved we 
have got problems with some sftp connection.

When we connect to some hosts we receive this error:

DH_GEX group out of range: 1536 !< 1024 !< 8192 
Couldn't read packet: Connection reset by peer 

Our OS is:  SUSE Linux Enterprise Server 11 SP4 

We've read that is a known issue: 
https://www.novell.com/support/kb/doc.php?id=7016904

We've tried to use this workaround: put in /etc/ssh_config this line:

KexAlgorithms 
diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 


It works for some sftp connection, but not all.

Can you help us ? Can you explains us why some connection work and other 
not ?

Kind regards,
Alessandro Lomonaco

____________________________________________________



Alessandro Lomonaco
Erptech S.p.A. | External Consultant

DB Consorzio S. Cons. a r. l.
GT Production EMEA
Piazza del Calendario, 3, 20126 Milano, Italy
Tel. +39 02 4024-3742
Email alessandro.lomonaco@xxxxxx


-- 

Informationen (einschließlich Pflichtangaben) zu einzelnen, innerhalb der EU tätigen Gesellschaften und Zweigniederlassungen des Konzerns Deutsche Bank finden Sie unter http://www.deutsche-bank.de/de/content/pflichtangaben.htm. Diese E-Mail enthält vertrauliche und/ oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail ist nicht gestattet.

Please refer to http://www.db.com/en/content/eu_disclosures.htm for information (including mandatory corporate particulars) on selected Deutsche Bank branches and group companies registered or incorporated in the European Union. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux