Can we disable diffie-hellman-group-exchange-sha1 by default?

David Lang david at
Fri Feb 15 16:51:37 AEDT 2019

On Fri, 15 Feb 2019, Darren Tucker wrote:

> On Fri, 15 Feb 2019 at 14:22, Yegor Ievlev <koops1997 at> wrote:
>> I'm not nearly knowledgeable enough in crypto to fully understand your
>> answer, but I will try. I wonder why moduli are not automatically
>> generated the first time sshd is started though. That would make much
>> more sense than shipping a default moduli file but also asking
>> everyone to replace it with their own.
> That was the original intent (and it's mentioned in RFC4419) however
> each moduli file we ship (70-80 instances of 6 sizes) takes about 1
> cpu-month to generate on a lowish-power x86-64 machine. Most of it is
> parallelizable, but even then it'd likely take a few hours to generate
> one of each size.  I imagine that'd cause some complaints about
> startup time.

Is there a document somewhere that gives simple instructions on how to do this 
(as opposed to digging them out of a large RFC that covers lots of other stuff)?

Ideally, a simple script that could be run.

Can this be something that is set to run in the background (heavily niced) and 
then switch in when completed? Or would that cause grief with existing keys in 

David Lang

> With those caveats, you are also welcome to add the appropriate
> ssh-keygen commands to your startup scripts.
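A script of the kind asked for above, added here as an example (not OpenSSH's own code): it generates and screens moduli under nice, then swaps the finished file in with a rename so sshd never reads a half-written file. It assumes an ssh-keygen with `-M generate` / `-M screen` (older releases use `-G` and `-T` for the same two steps); the paths, sizes and nice level are placeholders set through environment variables.

```shell
#!/bin/sh
# Added example (not OpenSSH project code): regenerate the sshd moduli file
# in the background, heavily niced, and swap the result in atomically.
# Assumes ssh-keygen -M generate / -M screen (older releases: -G / -T).
set -eu

MODULI_DIR="${MODULI_DIR:-/etc/ssh}"          # directory sshd reads "moduli" from
WORK_DIR="${WORK_DIR:-/var/tmp/moduli-work}"  # scratch space for candidates
SIZES="${SIZES:-2048 3072 4096}"              # bit sizes to generate
NICE_LEVEL="${NICE_LEVEL:-19}"                # lowest CPU priority

# Count usable entries: moduli(5) lines have 7 fields
# (time type tests trials size generator modulus); '#' lines are comments.
count_moduli() {
    awk '!/^#/ && NF == 7 { n++ } END { print n + 0 }' "$1"
}

# Generate candidate primes for one size, then screen them (the slow part).
generate_size() {
    bits="$1"
    nice -n "$NICE_LEVEL" ssh-keygen -M generate -O bits="$bits" \
        "$WORK_DIR/candidates.$bits"
    nice -n "$NICE_LEVEL" ssh-keygen -M screen \
        -f "$WORK_DIR/candidates.$bits" "$WORK_DIR/screened.$bits"
    rm -f "$WORK_DIR/candidates.$bits"
}

# Install a finished file: refuse empty or malformed output, keep a backup,
# and rename() into place so sshd never sees a partial file. Host keys are
# not involved; only DH group exchanges started afterwards use the new file.
install_moduli() {
    new="$1"; dest="$2"
    n=$(count_moduli "$new")
    [ "$n" -gt 0 ] || { echo "no usable moduli in $new" >&2; return 1; }
    [ ! -f "$dest" ] || cp -p "$dest" "$dest.bak"
    cp "$new" "$dest.tmp"
    chmod 0644 "$dest.tmp"
    mv -f "$dest.tmp" "$dest"
    echo "installed $n moduli into $dest"
}
main() {
    mkdir -p "$WORK_DIR"
    for bits in $SIZES; do generate_size "$bits"; done
    cat "$WORK_DIR"/screened.* > "$WORK_DIR/moduli.new"
    install_moduli "$WORK_DIR/moduli.new" "$MODULI_DIR/moduli"
}
# Only start the long job when invoked explicitly: sh regen-moduli.sh run
if [ "${1:-}" = run ]; then main; fi
```

Start it from a startup script or a cron job with `run`; the generation can take hours, and the swap-in at the end is the only step that touches the live file.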

More information about the openssh-unix-dev mailing list