On Mon, 25 Sep 2017, Darren Tucker wrote:

> On 25 September 2017 at 08:01, Damien Miller <djm@xxxxxxxxxxx> wrote:
> [...]
> > What behaviour would you like for this case? We can't send a group that is
> > larger than 2048, because the client has said that is the maximum that it
> > will accept. Would you prefer the server disconnect at that point?
>
> Maybe only offer group14 in the dh-gex fallback path if the group14
> methods are in KexAlgorithms?

Well, the problem with being restrictive in DH-GEX is that it can then fail
in common circumstances after it has been selected. KEX algorithms don't
usually do that - if you offer one then it will usually complete (barring
internal errors).

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
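As an added illustration of the selection problem the two replies above argue about (this is not OpenSSH code and not code from either poster), a simplified Python model of how a server picks a DH-GEX modulus from its moduli file and when it must fall back to the fixed group14 modulus; the moduli sizes, the `restrict_fallback` flag and the function names are assumptions made for the example.

```python
from dataclasses import dataclass

GROUP14_BITS = 2048  # size of the fixed group14 modulus used as the fallback


@dataclass
class GexRequest:
    """Client's SSH_MSG_KEX_DH_GEX_REQUEST parameters (min, n, max)."""
    min_bits: int
    n_bits: int
    max_bits: int


def select_gex_group(req, moduli_bits, kex_algorithms, restrict_fallback):
    """Return the modulus size the server will send, or None if the exchange
    cannot proceed (the server would have to disconnect after DH-GEX was
    already negotiated).

    moduli_bits: modulus sizes available in the server's moduli file (assumed).
    kex_algorithms: the server's configured KexAlgorithms list (assumed).
    restrict_fallback: models the proposal to use group14 as the fallback
    only when a group14 method is itself listed in KexAlgorithms.
    """
    if not req.min_bits <= req.n_bits <= req.max_bits:
        return None  # malformed request
    # Prefer a modulus from the file within [min, max]: the smallest one that
    # is at least n, otherwise the largest one that still fits under max.
    fitting = [b for b in moduli_bits if req.min_bits <= b <= req.max_bits]
    if fitting:
        at_least_n = [b for b in fitting if b >= req.n_bits]
        return min(at_least_n) if at_least_n else max(fitting)
    # Fallback path: the fixed group14 modulus. It can never be sent when the
    # client's max is below 2048, whatever the policy is.
    if not req.min_bits <= GROUP14_BITS <= req.max_bits:
        return None
    if restrict_fallback and not any(
        a.startswith("diffie-hellman-group14-") for a in kex_algorithms
    ):
        return None  # restrictive policy: DH-GEX fails after being selected
    return GROUP14_BITS


# Constructed scenario: the moduli file only holds large groups and the client
# asked for at most 2048 bits, so the fallback policy decides the outcome.
MODULI = [3072, 4096]
KEX_GEX_ONLY = ["diffie-hellman-group-exchange-sha256"]
REQ_2048 = GexRequest(2048, 2048, 2048)
```

With `restrict_fallback=True` and no group14 method configured, the constructed scenario returns `None`, i.e. the connection fails only after DH-GEX has already been chosen, which is the failure mode the reply above objects to.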