Hello, On Sun, Sep 22, 2024 at 10:15 AM Kurt Fitzner via openssh-unix-dev <openssh-unix-dev@xxxxxxxxxxx> wrote: > > I would like to advocate for: > > - Change behaviour of the server to allow server operators to set the > minimum modulus group size allowable for a connection using > diffie-hellman-group-exchange-sha256 > Whether this is by having the server refuse to allow smaller moduli to > be used than exist in ModuliFile, or another explicit configuration > setting is added, it doesn't matter I strongly support this requirement. We have a similar one for RSA and having an explicit setting for DH would be great. -- Dmitry Belyavskiy _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev