[Bug 2515] Implement diffie-hellman-group{14,15,16)-sha256

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sat Dec 12 19:14:05 AEDT 2015


https://bugzilla.mindrot.org/show_bug.cgi?id=2515

--- Comment #4 from Darren Tucker <dtucker at zip.com.au> ---
Created attachment 2768
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2768&action=edit
add diffie-hellman-group{14,15,16}-sha256

> This is still hashing with sha1, see kex_dh_hash() - it doesn't use hash_alg.

Well, that's not cool :-)

djm implemented the code to fix this which is included in the updated
patch.

With this change, openssh client interops with the dropbear server. 
dbclient doesn't work (the openssh server kills the connection claiming
a negative bignum) but it also worked with an unmodified
openssh-current with group14-sha1 (dbclient claims "Bad hostkey
signature").  I don't know where the problem is though.

-- 
You are receiving this mail because:
You are watching the reporter of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list