[Bug 2209] Problem logging into Cisco devices under 6.5p1 (kexgexc.c)

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Mar 7 12:54:17 EST 2014


Darren Tucker <dtucker at zip.com.au> changed:

           What    |Removed                     |Added
                 CC|                            |dtucker at zip.com.au

--- Comment #1 from Darren Tucker <dtucker at zip.com.au> ---
The problem is Cisco does not correctly implement RFC4419, specifically
when asked for a preferred group size larger than its largest group it
fails rather than returning a group it does have that's within the
allowed min/max bounds.

There's been some discussion on the mailing list:

Non-code workaround: "KexAlgorithms
diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" in
~/.ssh/config for the device in question.

You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.

More information about the openssh-bugs mailing list