Update GEX fallback processing for OpenSSH #310

Open
jtesta opened this issue Dec 4, 2024 · 1 comment

jtesta commented Dec 4, 2024

After over 7 years, the OpenSSH project seems to have accepted my patch to remove the Diffie-Hellman group exchange fallback mechanism! See: https://bugzilla.mindrot.org/show_bug.cgi?id=2793

It sounds like a variation of my patch will go into the next release (v10.0). Assuming it works the way I imagine it, ssh-audit can restrict the current post-processing logic to only OpenSSH v9.9 and lower. Hence, against v10.0 and above, ssh-audit will report the exact results it gets without having to explain any subtleties of the results to the user.

jtesta commented Dec 5, 2024

The patch was committed in openssh/openssh-portable@97eb247.
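
The version gate described in this issue, sketched as an added example (not ssh-audit's own code): it decides from the server's identification string whether the GEX fallback post-processing should still run. The function names, the `LAST_FALLBACK_VERSION` constant, the choice to skip non-OpenSSH servers, and the sample banners are assumptions made for illustration.

```python
import re
from typing import Optional, Tuple

# Last OpenSSH release expected to need the post-processing, per this issue
# ("v9.9 and lower"). Hypothetical constant name.
LAST_FALLBACK_VERSION = (9, 9)

# Identification string: SSH-protoversion-softwareversion [comments].
_BANNER_RE = re.compile(r"^SSH-[0-9.]+-(?P<software>\S+)")
# Covers portable ("9.9p1") and Windows ("OpenSSH_for_Windows_9.5") builds.
_OPENSSH_RE = re.compile(r"^OpenSSH_(?:for_Windows_)?(?P<major>\d+)\.(?P<minor>\d+)")


def openssh_version(banner: str) -> Optional[Tuple[int, int]]:
    """Return (major, minor) for an OpenSSH banner, or None for anything else."""
    ident = _BANNER_RE.match(banner.strip())
    if ident is None:
        return None
    ver = _OPENSSH_RE.match(ident.group("software"))
    if ver is None:
        return None
    return int(ver.group("major")), int(ver.group("minor"))


def needs_gex_fallback_postprocessing(banner: str) -> bool:
    """True when the banner reports OpenSSH 9.9 or lower."""
    version = openssh_version(banner)
    if version is None:
        # Assumption: the post-processing is OpenSSH-specific, so other
        # servers and unparsable banners are reported as-is.
        return False
    # Compare as integer tuples: comparing the strings "10.0" and "9.9"
    # would sort 10.0 before 9.9 and wrongly keep the workaround enabled.
    return version <= LAST_FALLBACK_VERSION


if __name__ == "__main__":
    # Constructed sample banners.
    for sample in (
        "SSH-2.0-OpenSSH_7.4",
        "SSH-2.0-OpenSSH_9.9p1 Debian-3",
        "SSH-2.0-OpenSSH_10.0",
        "SSH-2.0-OpenSSH_for_Windows_9.5",
        "SSH-2.0-dropbear_2022.83",
    ):
        print(f"{sample!r}: post-process={needs_gex_fallback_postprocessing(sample)}")
```
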
