preferred key exchange methods

Marko Asplund aspa at kronodoc.fi
Fri Mar 8 20:44:15 EST 2002


is there a way of specifying preferred key exchange methods on client end
with OpenSSL 3.1 using ssh2?

i'm trying to determine which key exchange method is actually being used
for a connection but i'm i bit confused by the debug messages:

...
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 121/256
debug1: bits set: 1553/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'foo.faa.fi (128.214.56.84)' can't be established.
RSA key fingerprint is 84:e2:3f:20:c4:61:e0:3e:ba:04:f6:62:98:73:97:a0.
Are you sure you want to continue connecting (yes/no)? 

the debug messages indicate Diffie-Hellman key exchange is used but with
an RSA key. is this correct?

-- 
	aspa




More information about the openssh-unix-dev mailing list