Re: disabling diffie-hellman-group1-sha1

JustReplyByPost_at_spambucket.net
Date: 09/27/05


Date: Tue, 27 Sep 2005 10:53:27 -0700

On Mon, 27 Sep 2005, Darren Tucker wrote:

>
>
> On 2005-09-26, JustReplyByPost@spambucket.net
> <JustReplyByPost@spambucket.net> wrote:
>> My company uses Foundstone to scan for security vulnerabilities and it is
>> telling me that I should disable the diffie-hellman-group1-sha1 key
>> exchange algorithm.
> [...]
>> Fine and dandy. Is there even a way to do this in the sshd_conf? I am
>> using a mix of openssh and solaris ssh.
>
> In OpenSSH: no, you would have to modify the source. In SunSSH: don't know.
>
> I'm not sure it's a good idea, though. diffie-hellman-group1-sha1 is
> mandatory in the spec.
>
That's what I thought. Now I have to convince my management of that.

-- 
Mark Keisler
"Blessed is he who finds happiness in his own foolishness, for he will
always be happy".
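
Added example, not part of the original messages: one way to check what a scanner such as the one mentioned above is reporting is to parse the server's SSH_MSG_KEXINIT payload and look for diffie-hellman-group1-sha1 in its kex_algorithms name-list. The function names and the sample payload are constructed for illustration; the input is assumed to be the message payload with the binary packet framing already removed.

```python
import struct

SSH_MSG_KEXINIT = 20  # message number assigned in RFC 4253
GROUP1 = "diffie-hellman-group1-sha1"
# The ten name-lists of a KEXINIT message, in wire order (RFC 4253, section 7.1).
FIELDS = [
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_c2s", "encryption_s2c", "mac_c2s", "mac_s2c",
    "compression_c2s", "compression_s2c", "languages_c2s", "languages_s2c",
]

def parse_kexinit(payload: bytes) -> dict:
    """Return each KEXINIT name-list as a Python list of algorithm names."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    offset = 17  # 1 byte message type + 16 byte random cookie
    lists = {}
    for field in FIELDS:
        if offset + 4 > len(payload):
            raise ValueError("truncated before length of " + field)
        (length,) = struct.unpack_from(">I", payload, offset)
        offset += 4
        if offset + length > len(payload):
            raise ValueError("truncated inside " + field)
        raw = payload[offset:offset + length].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        offset += length
    return lists

def offers_group1(payload: bytes) -> bool:
    """True if the peer advertises diffie-hellman-group1-sha1."""
    return GROUP1 in parse_kexinit(payload)["kex_algorithms"]

def build_sample_kexinit(kex_names) -> bytes:
    """Constructed test input: a KEXINIT payload with the given kex list."""
    values = [",".join(kex_names), "ssh-rsa", "3des-cbc", "3des-cbc",
              "hmac-sha1", "hmac-sha1", "none", "none", "", ""]
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # all-zero cookie
    for value in values:
        body += struct.pack(">I", len(value)) + value.encode("ascii")
    # first_kex_packet_follows = FALSE, then the reserved uint32
    return body + b"\x00" + struct.pack(">I", 0)

if __name__ == "__main__":
    sample = build_sample_kexinit(["diffie-hellman-group14-sha1", GROUP1])
    print(parse_kexinit(sample)["kex_algorithms"], offers_group1(sample))
```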