Diffie Hellman key exchange algorithms

Damien Miller djm at mindrot.org
Sat Sep 22 13:06:26 EST 2007



On Thu, 20 Sep 2007, Vikram Mhetre wrote:

> A few questions regarding the OpenSSH support for the Diffie Hellman key exchange algorithms:
>
> (1) Are the "diffie-hellman-group-exchange-sha256",
> "diffie-hellman-group-exchange-sha1", "diffie-hellman-group14-sha1",
> "diffie-hellman-group1-sha1" (as defined in RFC 4253 and RFC 4419)
> the complete list of key exchange algorithms supported by OpenSSH?

Yes

> (2) Is there a way to configure the DH key exchange algorithms to be
> supported?

No

> (3) The /etc/primes file is used for the
> "diffie-hellman-group-exchange-sha256",
> "diffie-hellman-group-exchange-sha1" algorithms. However if the primes
> file does not exist does the SSH connection simply fail if one of
> these two algorithms is chosen during the initial part of the setup?
> That is, based on RFC 4419, since the server cannot choose a suitable
> prime group (p,g) from the primes file (since it does not exist) will
> it simply reject the SSH connection?

That is incorrect. The group exchange methods will fall back to a fixed
modulus (the same used in diffie-hellman-group14-sha1) if they cannot
open /etc/moduli.

-d
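
Added example, not part of the original message and not OpenSSH code: a small check an administrator could run to see whether the group exchange methods have a moduli file to draw from, or will use the fixed-modulus fallback described in the reply above. It assumes the seven-field line format documented in moduli(5); the function names and the sample entries (which are constructed and are not real primes) are this example's own.

```python
import io

FALLBACK = "fixed modulus (same as diffie-hellman-group14-sha1)"

def summarize_moduli(stream):
    """Count type-2 (safe prime) entries per modulus bit length."""
    sizes = {}
    for line in stream:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) != 7:
            continue  # malformed entry
        # moduli(5): time, type, tests, trials, size, generator, modulus
        _time, mtype, _tests, _trials, _size, _gen, modulus = fields
        if mtype != "2":
            continue  # moduli(5): only type 2 entries are ready for sshd
        try:
            bits = int(modulus, 16).bit_length()
        except ValueError:
            continue  # modulus is not hexadecimal
        sizes[bits] = sizes.get(bits, 0) + 1
    return sizes

def group_source(path="/etc/moduli"):
    """Return (source, sizes); an unopenable file means the fallback."""
    try:
        with open(path) as fh:
            return "moduli file", summarize_moduli(fh)
    except OSError:
        return FALLBACK, {}

# Constructed sample data: hex strings of the right length, NOT real primes.
CONSTRUCTED_MODULI = "\n".join([
    "# Time Type Tests Tries Size Generator Modulus",
    "20070101000000 2 6 100 1023 2 " + "F" * 256,
    "20070101000001 2 6 100 2047 2 " + "F" * 512,
    "20070101000002 2 6 100 2047 2 " + "E" + "F" * 511,
    "20070101000003 4 2 100 2047 2 " + "F" * 512,   # type 4: skipped
    "20070101000004 2 6 100 2047 2 not-hex",         # bad modulus: skipped
    "truncated line",
])

if __name__ == "__main__":
    print(summarize_moduli(io.StringIO(CONSTRUCTED_MODULI)))
    print(group_source())
```

A readable file that yields no usable entries is reported as an empty size table; the reply above only covers the case where the file cannot be opened.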


More information about the openssh-unix-dev mailing list