[Bug 1310781] Re: bad bignum encoding for curve25519-sha256 at libssh.org
Omega Weapon
1310781 at bugs.launchpad.net
Tue May 6 21:23:03 UTC 2014
I've just come across a knock on effect of this bug when configuring the
Ubuntu SSH server for curve25519-sha256 at libssh.org key exchange only,
and using the latest Debian package openssh-client to connect.
Because Ubuntu's SSH server version doesnt match 6.6.1, the Debian SSH
client disables curve25519-sha256 at libssh.org completely, getting rid of
the (presumably) most secure algorithm available:
==========================================================================
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Debian-4
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p1 Ubuntu-2ubuntu1
debug1: match: OpenSSH_6.6p1 Ubuntu-2ubuntu1 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000000
...
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256 at libssh.org
debug2: Compat: skipping algorithm "curve25519-sha256 at libssh.org"
debug2: compat_kex_proposal: compat KEX proposal:
No supported key exchange algorithms found
==========================================================================
The compat value being hit is in compat.c:100.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1310781
Title:
bad bignum encoding for curve25519-sha256 at libssh.org
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1310781/+subscriptions
More information about the Ubuntu-server-bugs
mailing list