Key Exchange Updates?
Will Cosgrove
will at panic.com
Tue Jan 11 23:12:58 CET 2022
Yes, these would be considered weak. If you’re using the OpenSSL backend and the current version of libssh2 there are many other secure options that libssh2 supports.
If you’re not using the OpenSSL backend; someone would need to implement them on your preferred backend.
Will
> On Jan 11, 2022, at 11:39 AM, Will Bell via libssh2-devel <libssh2-devel at lists.haxx.se> wrote:
>
> Hi,
>
> Recently a popular sftp server vendor used by several of our production customers ended support for all of the following key exchange methods supported by libssh2, claiming that they are insecure:
> diffie-hellman-group1-sha1
> diffie-hellman-group14-sha1
> diffie-hellman-group-exchange-sha1
> diffie-hellman-group-exchange-sha256
>
> Unfortunately, this completely breaks libssh2 integration. Are there any plans to update the supported key exchange methods?
>
> Thanks.
> --
> libssh2-devel mailing list
> libssh2-devel at lists.haxx.se
> https://lists.haxx.se/listinfo/libssh2-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.haxx.se/pipermail/libssh2-devel/attachments/20220111/64f3b594/attachment.htm>
More information about the libssh2-devel
mailing list