Displaying 3 results from an estimated 3 matches for "dh_grp_min".
2015 Jul 24
2
DH_GRP_MIN is currently 1024, should it be bumped to 2048?
Greetings,
Given the weakness with Diffie-Hellman modp groups less than 2048, is it
time to bump the suggested 1024 bit minimum value from the RFC 4419 to a
more current 2048 value for OpenSSH 7.0?
If so, should this be just a compile-time change, or should there be a
new client and server runtime option?
Thanks,
-- Mark
2008 Nov 23
4
[Bug 1540] New: Incorrect hash in SSH_MSG_KEX_DH_GEX_REPLY
...e.
The corresponding section of code is in function
kexgex_server in kexgexs.c:
case SSH2_MSG_KEX_DH_GEX_REQUEST:
debug("SSH2_MSG_KEX_DH_GEX_REQUEST received");
min = packet_get_int();
nbits = packet_get_int();
max = packet_get_int();
min = MAX(DH_GRP_MIN, min);
max = MIN(DH_GRP_MAX, max);
break;
The bug is that, if the client sends values of 512 and 8192 for min
and max in the SSH_MSG_KEY_DH_GEX_REQUEST message, then the client
will expect the server to use these same values when calculating the
hash. But the server will actually...
2014 Jul 15
3
GSSAPI
If I am trying to build OpenSSH 6.6 with Kerberos GSSAPI support, do I still need to get Simon Wilkinson's patches?
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |