Displaying 2 results from an estimated 2 matches for "mtis".
Did you mean:
mis
2019 Feb 14
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
I ask because the removal of diffie-hellman-group-exchange-sha1 happened
accidently in 7.8 due to a mistake in a change to readconf.c. I noticed
this and filed a bug about it along with a patch to fix readconf.c to use
KEX_CLIENT_* like it used to:
https://github.com/openssh/openssh-portable/commit/1b9dd4aa
https://bugzilla.mindrot.org/show_bug.cgi?id=2967
Its clear the removal was unintentional
2019 Feb 14
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
...equired and may (and in my opinion should) be
> disabled by default without any impact to the SSHv2 protocol.
>
> The only two Mandatory To Implement (MTI) key exchange methods are those
> in RFC3253 (diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1).
> Even though they are MTIs, that just means you need to be able configure
> them, there is no mandatory requirement that a given installation enable
> them by default.
>
> Enjoy!
> -- Mark
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-...