Date:      Thu, 06 Mar 2014 17:22:20 -0800
From:      Dennis Glatting <freebsd@pki2.com>
To:        freebsd-questions@freebsd.org
Subject:   OpenSSH 6.5 broken(?)
Message-ID:  <1394155340.8252.45.camel@btw.pki2.com>

With the upgrade to 6.5 I can no longer log into Cisco devices. I traced
the problem down to the code fragment below, which was a change made in
late January.

During the key exchange under 6.5 this is a clue:

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent

Compared to 6.2:

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent

I reverted the patch in my source and the problem goes away. I do not
know if that was the correct thing to do.




Index: kexgexc.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/kexgexc.c,v
retrieving revision 1.15
diff -u -p -r1.15 kexgexc.c
--- kexgexc.c	12 Jan 2014 08:13:13 -0000	1.15
+++ kexgexc.c	25 Jan 2014 10:04:23 -0000
@@ -55,7 +55,7 @@ kexgex_client(Kex *kex)
 	int min, max, nbits;
 	DH *dh;
 
-	nbits = dh_estimate(kex->we_need * 8);
+	nbits = dh_estimate(kex->dh_need * 8);
 
 	if (datafellows & SSH_OLD_DHGEX) {
 		/* Old GEX request */
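
Review bot: at the `dh_estimate()` call, the switch from `kex->we_need` to `kex->dh_need` carries no comment explaining how the two fields differ or why the group size should now follow `dh_need`, and the hunk does not show where `dh_need` is set or bounded. The debug output quoted in this message shows the preferred size in the GEX request going from 4096 to 8192, which equals the requested maximum. A short comment at this line stating the intended sizing would help, along with a note on the expected behaviour toward peers that cannot supply a group that large. It is also worth considering whether `nbits` should be capped below `max` before the request is sent.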





