I understand the desire to remove diffie-hellman-group14-sha1 for example from the default offers - and agree completely with that. This bug is NOT about the removal/default changes. Somewhere between 7.6p1 and 8.2p1 the ability to add the deprecated algorithms back in via config has broken. IT DOES WORK on command line. It's only in the config file parsing where it fails. (i.e. I can no longer add a 'Host old-PoS-router KexAlgorithms insecureone' entry to my config. This worked as of 7.6p1.)

Note that it is also not specific to the deprecated ones, it appears to be a general issue with that option being ignored in the config file. For example, with 7.6p1, if I put:

    Host *
      KexAlgorithms ecdh-sha2-nistp521

in config, and run with -vvv, I see:

    debug2: local client KEXINIT proposal
    debug2: KEX algorithms: ecdh-sha2-nistp521,ext-info-c

but with 8.2p1, the offer just shows the default regardless of the content of the settings in config:

    debug2: local client KEXINIT proposal
    debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group1-sha1,ext-info-c

I'll see if I can find where specifically this broke.
Some further digging - it appears it's not exactly as described. It's obeying the config when the config is SIMPLE. But if I put:

    KexAlgorithms +diffie-hellman-group1-sha1

it's like it's getting stuck with the default, and ignoring any other changes. Trying to find more detail.
I was able to work around this... Maybe it's expected, but there appears to be something "magic" about adding group1-sha1 that interferes with incrementally adding other entries. Adding all of them in one shot appears to work fine even on current versions.
Please, post the complete debug log and check what is in all the configuration files (also included if you have some).
AH, I think I now understand what the problem is with what I was doing. The KexAlgorithms config setting in config file ONLY WORKS ONCE. i.e. you cannot do:

    KexAlgorithms +diffie-hellman-group1-sha1
    KexAlgorithms +diffie-hellman-group-exchange-sha1

but when specified via command line, it appears to allow another override (or it's being processed first). Above snippet results in it listing group1-sha1, but NOT the group-exchange-sha1. Is that "one shot" expected? It sure doesn't appear that way from documentation.
Created attachment 3413
Trace of ssh -vvv

Example trace with this conf file in /tmp/testconf:

    KexAlgorithms diffie-hellman-group14-sha1
    KexAlgorithms +diffie-hellman-group1-sha1
    KexAlgorithms +diffie-hellman-group-exchange-sha1

and invoked as:

    ssh -F /tmp/testconf -vvv root@localhost id >/tmp/trace.txt 2>&1
This appears to be long standing behavior, I had always had the +diffie-hellman-group1-sha1 and only noticed the change with upgrade to Ubuntu20 when the group-exchange-sha1 was also removed in current versions.
This is expected behaviour - ssh's config is "first match wins" for most configuration options. I.e. only the first configuration option is considered. This is documented at the start of ssh_config(1): "For each parameter, the first obtained value will be used." You should be able to do:

    KexAlgorithms +diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1

to get the behaviour you want.
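The first-obtained-value rule described above, as an added Python model (not OpenSSH code and not from this thread): it walks a client config top to bottom the way ssh_config(5) describes, keeps only the first KexAlgorithms value whose Host block matches, and then expands the `+`, `-` and `^` modifiers against a default list. `DEFAULT_KEX` and the three config snippets are constructed for the demo; Host negation (`!`), Match blocks, Include and the `Key=Value` spelling are deliberately not modelled.

```python
import fnmatch
import shlex

# Constructed stand-in for the client's built-in KexAlgorithms default list.
# It is an assumption for this demo; real defaults vary by OpenSSH version.
DEFAULT_KEX = [
    "curve25519-sha256",
    "curve25519-sha256@libssh.org",
    "ecdh-sha2-nistp256",
    "ecdh-sha2-nistp384",
    "ecdh-sha2-nistp521",
    "diffie-hellman-group-exchange-sha256",
    "diffie-hellman-group16-sha512",
    "diffie-hellman-group18-sha512",
    "diffie-hellman-group14-sha256",
]

# Constructed config snippets mirroring the thread (not the attached trace).
# Two '+' lines: only the first one is ever obtained.
TWO_PLUS_CONFIG = """\
KexAlgorithms +diffie-hellman-group1-sha1
KexAlgorithms +diffie-hellman-group-exchange-sha1
"""
# The single combined line suggested in the reply.
SUGGESTED_CONFIG = """\
KexAlgorithms +diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
"""
# Host-scoped variant: the per-host block must precede the catch-all block,
# otherwise 'Host *' would supply the first obtained value for every host.
HOST_CONFIG = """\
Host old-PoS-router
  KexAlgorithms +diffie-hellman-group1-sha1
Host *
  KexAlgorithms -diffie-hellman-group14-sha256
"""


def apply_kex_spec(spec, defaults):
    """Expand one KexAlgorithms value against the defaults using the
    ssh_config(5) modifiers: '+' appends, '-' removes, '^' prepends,
    and a bare list replaces the defaults entirely."""
    names = spec.lstrip("+-^").split(",")
    if spec.startswith("+"):
        return list(defaults) + names
    if spec.startswith("-"):
        drop = set(names)
        return [a for a in defaults if a not in drop]
    if spec.startswith("^"):
        front = set(names)
        return names + [a for a in defaults if a not in front]
    return names


def effective_kex(config_text, host, defaults=DEFAULT_KEX):
    """Walk the config top to bottom and keep only the FIRST KexAlgorithms
    line whose Host block matches ("the first obtained value will be used").
    Later matching lines are parsed but never accumulate."""
    active_patterns = ["*"]  # lines before any Host keyword apply to all hosts
    first_value = None
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        key, *args = shlex.split(line)
        key = key.lower()  # keywords are case-insensitive
        if key == "host":
            active_patterns = args
            continue
        if not any(fnmatch.fnmatchcase(host, p) for p in active_patterns):
            continue
        if key == "kexalgorithms" and args and first_value is None:
            first_value = args[0]  # remembered once; later lines are ignored
    if first_value is None:
        return list(defaults)
    return apply_kex_spec(first_value, defaults)


if __name__ == "__main__":
    for label, cfg in [("two '+' lines", TWO_PLUS_CONFIG),
                       ("single combined line", SUGGESTED_CONFIG)]:
        print(f"{label}: {','.join(effective_kex(cfg, 'localhost'))}")
```

Running it shows the two-line form yielding group1-sha1 but never group-exchange-sha1, exactly as observed in the thread, while the combined line yields both. On a real system the same check is `ssh -G -F /path/to/config host`, which prints the configuration after Host and Match evaluation, so the KexAlgorithms line it reports is the value the client will actually offer.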
Totally explains the behavior, sorry for the wasted time. Thank you.
close bugs that were resolved in OpenSSH 8.5 release cycle