I ask because the removal of diffie-hellman-group-exchange-sha1 happened accidently in 7.8 due to a mistake in a change to readconf.c. I noticed this and filed a bug about it along with a patch to fix readconf.c to use KEX_CLIENT_* like it used to: https://github.com/openssh/openssh-portable/commit/1b9dd4aa https://bugzilla.mindrot.org/show_bug.cgi?id=2967 Its clear the removal was unintentional because myproposal.h still lists diffie-hellman-group-exchange-sha1 under KEX_CLIENT_KEX: https://github.com/openssh/openssh-portable/blob/V_7_8_P1/myproposal.h#L102 I was just thinking that if this hasn't been causing a problem for the last 2 releases then maybe its time to disable this by default in the client. This algorithm has been disabled by default in the server since the 6.7 release in October 2014. -- Jon Doge Wrangler X(7): A program for managing terminal windows. See also screen(1) and tmux(1). _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev