Re: DH Group Exchange Fallback

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 09/24/2017 11:13 PM, Mark D. Baushke wrote:
I wish to withdraw my suggested patch to dh.c as what OpenSSH is using
for falling back to a value related to the client max is correct for
some flavors of that concept.

That said, I suspect what Joe wants is for the max provided by the
client to be advisory such that the minimum value provided by the moduli
file would be used if the client max is smaller than that value.

That is, if the client sent min=1024,n=1024,max=1025 and the minimum
modulus in the moduli file was min_moduli=3072bits, that the client max
value be ignored in favor of using the MAX(max,min_moduli). In this way,
the adinistrator that no longer wanted to support 2048 bit group14 for
clients would be able to support a 3072-bit minimum to be sent for the
client.

Is this what you wanted to address Joe?

Sure, that's one way to handle it. As I mentioned in my reply to djm, the server can either disconnect or just send the 3072-bit modulus and let the client decide what it wants to do.

I don't feel too strongly about either option, as long as the end result is the code respects the admin's decision on minimum modulus sizes to use. That's my main concern.


I would have no objection to such a patch for OpenSSH.

	-- Mark
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux