On Sun, 20 Jan 2019 at 12:21, Yegor Ievlev <koops1997@xxxxxxxxx> wrote: > Also, are DH groups sent by server signed in addition to server's > supported algorithms? Yes. From RFC4419 section 3: """ The server responds with: byte SSH_MSG_KEX_DH_GEX_REPLY string server public host key and certificates (K_S) mpint f string signature of H The hash H is computed as the HASH hash of the concatenation of the following: [...] string I_S, the payload of the server's SSH_MSG_KEXINIT [...] mpint p, safe prime mpint g, generator for subgroup """ -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev