| Summary: | ssh client is advertising the server's algorithm lists | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Portable OpenSSH | Reporter: | NUXI <nuxi> | ||||
| Component: | ssh | Assignee: | Assigned to nobody <unassigned-bugs> | ||||
| Status: | CLOSED FIXED | ||||||
| Severity: | minor | CC: | djm | ||||
| Priority: | P5 | ||||||
| Version: | 7.8p1 | ||||||
| Hardware: | Other | ||||||
| OS: | Linux | ||||||
| Bug Depends on: | |||||||
| Bug Blocks: | 2915 | ||||||
| Attachments: |
|
||||||
Ha, since nobody has complained I guess we can deprecate diffie-hellman-group-exchange-sha1 I applied your patch and removed the diffie-hellman-group-exchange-sha1 KEX method from the client's list. close bugs that were resolved in OpenSSH 8.5 release cycle |
Created attachment 3242 [details] Fix SSH client algorithm advertisements. Commit 1b9dd4aa ("upstream: better diagnosics on alg list assembly errors") in OpenSSH 7.8p1 accidently changed the SSH client to use the server's algorithm lists instead of the client's. The only difference between the two lists is the inclusion of "diffie-hellman-group-exchange-sha1" in the client's list. I've attached a patch to fix this.