[Bug 3878] WarnWeakCrypto for non-PQ keys is suppressed if KexAlgorithms option is used
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Oct 10 10:13:47 AEDT 2025
https://bugzilla.mindrot.org/show_bug.cgi?id=3878
--- Comment #4 from Damien Miller <djm at mindrot.org> ---
> TBH, a command line option that explicitly and compactly
> lists all crypto algorithms chosen for use once the
> connection is established would be good.
That's ssh -G, e.g.
[djm at desktop ~]$ ssh -G github.com | grep ^kexalgorithms
kexalgorithms
mlkem768x25519-sha256,sntrup761x25519-sha512,sntrup761x25519-sha512 at openssh.com,curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list