Can we disable diffie-hellman-group-exchange-sha1 by default?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



I ask because the removal of diffie-hellman-group-exchange-sha1 happened
accidently in 7.8 due to a mistake in a change to readconf.c. I noticed
this and filed a bug about it along with a patch to fix readconf.c to use
KEX_CLIENT_* like it used to:

https://github.com/openssh/openssh-portable/commit/1b9dd4aa
https://bugzilla.mindrot.org/show_bug.cgi?id=2967

Its clear the removal was unintentional because myproposal.h still
lists diffie-hellman-group-exchange-sha1 under KEX_CLIENT_KEX:

https://github.com/openssh/openssh-portable/blob/V_7_8_P1/myproposal.h#L102


I was just thinking that if this hasn't been causing a problem for the
last 2 releases then maybe its time to disable this by default in the
client. This algorithm has been disabled by default in the server since
the 6.7 release in October 2014.


-- 
Jon
Doge Wrangler
X(7): A program for managing terminal windows. See also screen(1) and tmux(1).
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux