[
https://issues.apache.org/jira/browse/SSHD-319?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Guillaume Nodet resolved SSHD-319.
----------------------------------
Resolution: Fixed
Fix Version/s: 0.12.0
Assignee: Guillaume Nodet
https://git-wip-us.apache.org/repos/asf?p=mina-sshd.git;a=commit;h=ba4772a23573998a1c801e28130ccfb1a9b77121
> Handling error scenarios if Prime cannot be found.
> --------------------------------------------------
>
> Key: SSHD-319
> URL: https://issues.apache.org/jira/browse/SSHD-319
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 0.11.0
> Reporter: Pawel Sm7
> Assignee: Guillaume Nodet
> Fix For: 0.12.0
>
>
> > Mina does not support fallback to weaker Diffie-Hellman algorithm if Prime
> > cannot be found.
> >
> > The failure approach of fall-thru to weaker Diffie-Hellman algorithm, e.g.
> > Group14 (embedded within the Code) if Prime cannot be found, either > > due
> > to MODULI File Access Errors or Prime Not Found in the File, is the >
> > typical approach of most SSH Server Implementations.
> > OpenSSH follows this paradigm. Also it would help in communications
> > robustness.
> > It would be also nice to have a log event when the fallback happens.
> > Do you agree that this is an issue? When could it be implemented?
> >
> It makes sense to me. Especially, the spec (
> http://tools.ietf.org/html/rfc4419) says:
> The server should return the smallest group it knows that is larger
> than the size the client requested. If the server does not know a
> group that is larger than the client request, then it SHOULD return
> the largest group it knows. In all cases, the size of the returned
> group SHOULD be at least 1024 bits.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
