preferred key exchange methods

Marko Asplund aspa at
Fri Mar 8 20:44:15 EST 2002

is there a way of specifying preferred key exchange methods on client end
with OpenSSL 3.1 using ssh2?

i'm trying to determine which key exchange method is actually being used
for a connection but i'm i bit confused by the debug messages:

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 121/256
debug1: bits set: 1553/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host ' (' can't be established.
RSA key fingerprint is 84:e2:3f:20:c4:61:e0:3e:ba:04:f6:62:98:73:97:a0.
Are you sure you want to continue connecting (yes/no)? 

the debug messages indicate Diffie-Hellman key exchange is used but with
an RSA key. is this correct?


More information about the openssh-unix-dev mailing list