Yes, these would be considered weak. If you’re using the OpenSSL backend and the current version of libssh2 there are many other secure options that libssh2 supports.
If you’re not using the OpenSSL backend; someone would need to implement them on your preferred backend. Will > On Jan 11, 2022, at 11:39 AM, Will Bell via libssh2-devel > <libssh2-devel@lists.haxx.se> wrote: > > Hi, > > Recently a popular sftp server vendor used by several of our production > customers ended support for all of the following key exchange methods > supported by libssh2, claiming that they are insecure: > diffie-hellman-group1-sha1 > diffie-hellman-group14-sha1 > diffie-hellman-group-exchange-sha1 > diffie-hellman-group-exchange-sha256 > > Unfortunately, this completely breaks libssh2 integration. Are there any > plans to update the supported key exchange methods? > > Thanks. > -- > libssh2-devel mailing list > libssh2-devel@lists.haxx.se > https://lists.haxx.se/listinfo/libssh2-devel
-- libssh2-devel mailing list libssh2-devel@lists.haxx.se https://lists.haxx.se/listinfo/libssh2-devel
