Displaying 20 results from an estimated 300 matches similar to: "Can we disable diffie-hellman-group-exchange-sha1 by default?"
2019 Feb 14
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
Can we disable diffie-hellman-group14-sha1 too?
On Thu, Feb 14, 2019 at 10:23 PM Mark D. Baushke <mdb at juniper.net> wrote:
>
> Hi John,
>
> The short answer is YES.
>
> Jon DeVree <nuxi at vault24.org> writes:
>
> > I ask because the removal of diffie-hellman-group-exchange-sha1 happened
> > accidently in 7.8 due to a mistake in a change to
2019 Feb 15
4
Can we disable diffie-hellman-group-exchange-sha1 by default?
Also, how are default moduli shipped with OpenSSH for use in
diffie-hellman-group-exchange-sha1/sha256 chosen? Are they chosen
randomly by developers or are they chosen for security properties? If
they are random, why not use moduli from RFC 7919 instead, like
Mozilla recommends?
On Fri, Feb 15, 2019 at 3:48 AM Mark D. Baushke <mdb at juniper.net> wrote:
>
> Yegor Ievlev <koops1997
2019 Feb 15
4
Can we disable diffie-hellman-group-exchange-sha1 by default?
I'm not nearly knowledgeable enough in crypto to fully understand your
answer, but I will try. I wonder why moduli are not automatically
generated the first time sshd is started though. That would make much
more sense than shipping a default moduli file but also asking
everyone to replace it with their own.
On Fri, Feb 15, 2019 at 5:50 AM Mark D. Baushke <mdb at juniper.net> wrote:
>
2019 Feb 15
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
On Fri, 2019-02-15 at 15:57 +1100, Darren Tucker wrote:
> That was the original intent (and it's mentioned in RFC4419) however
> each moduli file we ship (70-80 instances of 6 sizes) takes about 1
> cpu-month to generate on a lowish-power x86-64 machine. Most of it
> is
> parallelizable, but even then it'd likely take a few hours to
> generate
> one of each size. I
2019 Feb 15
3
Can we disable diffie-hellman-group-exchange-sha1 by default?
I don't think there is any point to generate so many moduli. Actually,
3 moduli of sizes 2048, 3072 and 4096 seem like a sane choice.
On Fri, Feb 15, 2019 at 7:58 AM Darren Tucker <dtucker at dtucker.net> wrote:
>
> On Fri, 15 Feb 2019 at 14:22, Yegor Ievlev <koops1997 at gmail.com> wrote:
> > I'm not nearly knowledgeable enough in crypto to fully understand your
2019 Jan 19
3
Can we disable diffie-hellman-group14-sha1 by default?
e.g. can we make it throw warnings etc. rsa-sha2-256 and rsa-sha2-512
are fine, they use PSS.
On Sun, Jan 20, 2019 at 1:55 AM Yegor Ievlev <koops1997 at gmail.com> wrote:
>
> Also can we do anything with ssh-rsa? It uses both SHA-1 and
> deprecated PKCS#1 padding. If it's used to sign certificates, there's
> no additional protection of SHA-2 hashing before SHA-1
2014 Oct 10
3
[Bug 2291] New: ssh -Q kex lists diffie-hellman-group1-sha1 twice
https://bugzilla.mindrot.org/show_bug.cgi?id=2291
Bug ID: 2291
Summary: ssh -Q kex lists diffie-hellman-group1-sha1 twice
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: sftp-server
Assignee:
2019 Feb 15
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
That doesn't seem to be the case. See
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf
(5.6.1 Comparable Algorithm Strengths)
On Fri, Feb 15, 2019 at 8:28 AM Darren Tucker <dtucker at dtucker.net> wrote:
>
> On Fri, 15 Feb 2019 at 16:00, Yegor Ievlev <koops1997 at gmail.com> wrote:
> > I don't think there is any point to generate so
2019 Feb 15
2
Can we disable diffie-hellman-group-exchange-sha1 by default?
I referred to the fact that there is no value for 4096-bit groups at
all. For higher strengths than 128 bits one should probably not use
non-EC crypto at all, as the document suggests.
On Fri, Feb 15, 2019 at 9:19 AM Darren Tucker <dtucker at dtucker.net> wrote:
>
> On Fri, 15 Feb 2019 at 16:45, Yegor Ievlev <koops1997 at gmail.com> wrote:
> > That doesn't seem to be
2019 Jan 19
4
Can we disable diffie-hellman-group14-sha1 by default?
I'm not sure if collision resistance is required for DH key
derivation, but generally, SHA-1 is on its way out. If it's possible
(if there's not a very large percentage of servers that do not support
anything newer), it should be disabled.
2020 Oct 19
6
[Bug 3221] New: hostkey preference ordering is broken in some situations
https://bugzilla.mindrot.org/show_bug.cgi?id=3221
Bug ID: 3221
Summary: hostkey preference ordering is broken in some
situations
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
2016 May 11
23
[Bug 2568] New: ssh fails to authenticate using RSA keys when agent does not support sha256/512 signatures
https://bugzilla.mindrot.org/show_bug.cgi?id=2568
Bug ID: 2568
Summary: ssh fails to authenticate using RSA keys when agent
does not support sha256/512 signatures
Product: Portable OpenSSH
Version: -current
Hardware: Other
URL: https://github.com/connectbot/connectbot/issues/397
OS: Linux
2018 Jun 22
0
upgrade 2.2 to 2.3, diffie-hellman, ssl_min_protocol
> On 22 June 2018 at 10:18 tai74 at vfemail.net wrote:
>
>
>
> hi sorry if question was asked already. Was reading
> https://wiki2.dovecot.org/Upgrading/2.3
>
> first I'm confused on diffie hellman parameters file. I never set up
> ssl-parameters.dat before (should i have? do I have one that was
> automatically made for me by dovecot?)
>
> Do I need
2018 Jun 22
0
upgrade 2.2 to 2.3, diffie-hellman, ssl_min_protocol
On Fri, 22 Jun 2018, Joseph Tam wrote:
> However, recent advances make this condition obsolete [*] and not
> really safer, so a much faster way to generate a DH key is
>
> openssl dhparam -dsaparam -out dh.pem 4096
>
> DH generation is a one time operation, so if you're paranoid and you've
> got time to burn, go ahead and generate the "safe" DH key.
>
2020 Sep 07
0
Wireshark LDAP capture vs Diffie-Hellman / pre-master secret - key log file
Hi,
I am trying to debug a new (to me) printer, that should be able to use
AD (for LDAP / address book lookups as well as authentication).
It's been a while since I needed to dump traffic with wireshark; and
evidently it's got harder since I last tried :)
I have generated a wireshark dump on my DC, to see what the printer is
trying to do, using:
dc1$ sudo tcpdump host myprinter and port
2024 Sep 23
1
diffie-hellman-group-exchange-sha256 group size concerns and request
Hello,
On Sun, Sep 22, 2024 at 10:15?AM Kurt Fitzner via openssh-unix-dev
<openssh-unix-dev at mindrot.org> wrote:
>
> I would like to advocate for:
>
> - Change behaviour of the server to allow server operators to set the
> minimum modulus group size allowable for a connection using
> diffie-hellman-group-exchange-sha256
> Whether this is by having the server refuse
2018 Jun 25
1
upgrade 2.2 to 2.3, diffie-hellman, ssl_min_protocol
Thanks Joseph, Aki, but something missing from upgrade document, where
does the dh param file go? I located ssl-parameters.dat so I will put
it there.
Quoting Joseph Tam <jtam.home at gmail.com>:
> On Fri, 22 Jun 2018, Joseph Tam wrote:
>
>> However, recent advances make this condition obsolete [*] and not
>> really safer, so a much faster way to generate a DH key is
2018 Jun 22
2
upgrade 2.2 to 2.3, diffie-hellman, ssl_min_protocol
On Fri, 22 Jun 2018, Aki Tuomi wrote:
>> Do I need to make a fresh dh.pem? The upgrade doc tells how to convert
>> ssl-parameters.dat but how to make a new one?
>
> ... or you can make a fresh one using openssl
> gendh 4096 > dh.pem
This also works
openssl dhparam -out dh.pem 4096
> Note that this will require quite a lot of entropy, so you should
> probably
2024 Sep 21
1
diffie-hellman-group-exchange-sha256 group size concerns and request
Hello all,
I have recently had cause to dig a little into the specifics of how
diffie-hellman-group-exchange-sha256 group sizes work.
The belief in the wild, perpetuated by multiple sources of logjam
mediation papers and also Andras Stribnik's very influential piece
"Secure Secure Shell", is that server operators can force the use of a
minimum group size by removing moduli
2015 Jul 20
2
WinSCP 5.7.5 will support the RFC 4419 revision to Diffie-Hellman group exchange
Hello,
I'd like to inform you that the next release of WinSCP SFTP client (version 5.7.5) will support Diffie-Hellman group exchange as specified by RFC 4419.
http://winscp.net/tracker/show_bug.cgi?id=1345
So I'd like to ask you to kindly update the check in
compat_datafellows() to
WinSCP_release_4*
WinSCP_release_5.0*
WinSCP_release_5.1*
WinSCP_release_5.2*
WinSCP_release_5.5*