On 09/24/2017 12:32 PM, Mark D. Baushke wrote:
> Please answer this question first:
>
> Q1: If the moduli file is currently empty, as in zero entries (apparently the server has not yet populated it, or the administrator has truncated the file to zero bytes), should the server:
>
> a) not send the diffie-hellman-group-exchange-sha256 or diffie-hellman-group-exchange-sha1 option even if it is configured in the sshd_config file, or
>
> b) send a DH group that it 'knows about' (be it group14, group16, group18, or some other DH group it has on hand)?
Option A. Maybe option C would be to call fatal(), so as to draw the admin's attention immediately. Or perhaps that's too extreme. I don't have a strong opinion between A and C.
> In my opinion, if the group exchange is configured in the sshd_config file (or the default), I personally believe that if there are no entries at all in the moduli file it should send a pre-defined DH MODP group when there is no entry at all in the moduli file.
Admins have the option of using pre-defined DH groups already, like "diffie-hellman-group14-sha256", "diffie-hellman-group16-sha512", etc. If they want a static group, then they should use those. However, admins that want dynamic groups have a reasonable expectation that "diffie-hellman-group-exchange-sha256" actually uses them. To me, this seems like the entire point of this group.
- Joe

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
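Added after the thread as an illustration (not code from the list, from Mark or Joe, or from OpenSSH itself): a shell check an administrator can run to see whether the moduli file has anything for group exchange to choose from, which is the empty-file case Q1 asks about. It assumes the moduli(5) line layout and a 2048-bit minimum, both my choices rather than anything the thread states; the sample file contents are constructed.

```shell
#!/bin/sh
# Added example, not from the thread or OpenSSH: count the usable entries
# in a moduli file so an admin can spot the "zero entries" situation
# before sshd has to decide what to do about it.
# moduli(5) line layout: time type tests tries size generator modulus
# Real moduli files record size as nominal bits minus one
# (e.g. 2047 for a 2048-bit group), so the threshold below is 2047.
# Only lines with 7 fields, type 2 (safe prime) and size >= MIN_SIZE count.

MIN_SIZE=2047

usable_moduli() {
    # $1: path to a moduli file; prints the number of usable entries
    awk -v min="$MIN_SIZE" '
        /^[[:space:]]*#/ || /^[[:space:]]*$/ { next }   # comment or blank line
        NF != 7                              { next }   # malformed line
        $2 != 2                              { next }   # not a safe prime
        $5 + 0 < min                         { next }   # group too small
        { n++ }
        END { print n + 0 }
    ' "$1"
}

check_moduli() {
    # Return 0 if the file has at least one usable entry, 1 otherwise
    f="$1"
    n=$(usable_moduli "$f")
    if [ "$n" -eq 0 ]; then
        echo "$f: no usable moduli; group exchange has nothing to offer" >&2
        return 1
    fi
    echo "$f: $n usable moduli (size >= $MIN_SIZE)"
    return 0
}

# Constructed sample (modulus values are placeholders, not real primes):
# a header, one undersized entry, and two entries that pass the check
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# Time Type Tests Tries Size Generator Modulus
20170924000000 2 6 100 1023 2 DEADBEEF
20170924000000 2 6 100 2047 2 CAFEBABE
20170924000000 2 6 100 4095 5 F00DF00D
EOF

check_moduli "$SAMPLE"
```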