[Bug 1528251] Re: WARNING: no suitable primes in /etc/ssh/primes
Dimitri John Ledkov
launchpad at surgut.co.uk
Wed Mar 30 11:03:05 UTC 2016
Surely the bug is in Client: Prompt 2 v2.5.2 (Build 23057) on IOS 9.2.1
(see https://panic.com/prompt/), and you should report to them that it
should use stronger keys to authenticate, no? We do not provide support
for third party ssh clients. And we will not weaken our server to
support weak clients.
Also wily 15.10 on amd64, is out of scope for s390x support on xenial.
Please let me know, if you can reproduce this at all with Ubuntu clients
and Ubuntu server on s390x.
** Changed in: openssh (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1528251
Title:
WARNING: no suitable primes in /etc/ssh/primes
Status in openssh package in Ubuntu:
Invalid
Bug description:
For instance when the KexAlgorithms option in sshd_config is set to include Diffie Hellman group exchange (e.g. diffie-hellman-group-exchange-sha256), and the /etc/ssh/moduli file is regenerated to include only 4096 bit primes, the ssh server may log the above warning message to /var/log/auth.log, probably because the ssh client trying to log in does not allow for the use of 4096 bit primes during the key exchange. The alleged problem is the reference to /etc/ssh/primes instead of /etc/ssh/moduli. It would appear that the file /etc/ssh/primes is neither used by ssh server, nor documented.
I note that this error appears to have been reported in several places
on the web in the past years, but to no avail (e.g.
http://misc.openbsd.narkive.com/tZPNEoZk/no-suitable-primes)
Release: Ubuntu 14.04.3 LTS
Package: openssh-server, Version: 1:6.6p1-2ubuntu2.3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1528251/+subscriptions
More information about the foundations-bugs
mailing list