On 09/24/2017 12:32 PM, Mark D. Baushke wrote:
Please answer this question first:
Q1: If the moduli file is currently empty as in zero entries (apparently
the server has not yet populated it, or the administrator has truncated
the file to zero bytes). The server should do the following:
a) Do not send the diffie-hellman-group-exchange-sha256 or
diffie-hellman-group-exchange-sha1 option even if it is
configured in the sshd_config file, or
b) Send a DH group that it 'knows about' (be it group14, group16,
group18, or some other DH group it has on hand)?
Option A. Maybe option C would be to call fatal(), so as to draw the
admin's attention immediately. Or perhaps that's too extreme. I don't
have a strong opinion between A and C.
In my opinion, if the group exchange is configured in the sshd_config
file (or the default), I personally believe that if there is no entries
at all in the moduli file it should send a pre-defined DH MODP group
when there is no entry at all in the moduli file.
Admins have the option of using pre-defined DH groups already, like
"diffie-hellman-group14-sha256", "diffie-hellman-group16-sha512", etc.
If they want a static group, then they should use those. However,
admins that want dynamic groups have a reasonable expectation that
"diffie-hellman-group-exchange-sha256" actually uses them. To me, this
seems like the entire point of this group.
- Joe
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
