Public bug reported:
For instance when the KexAlgorithms option in sshd_config is set to include Diffie Hellman group exchange (e.g. diffie-hellman-group-exchange-sha256), and the /etc/ssh/moduli file is regenerated to include only 4096 bit primes, the ssh server may log the above warning message to /var/log/auth.log, probably because the ssh client trying to log in does not allow for the use of 4096 bit primes during the key exchange. The alleged problem is the reference to /etc/ssh/primes instead of /etc/ssh/moduli. It would appear that the file /etc/ssh/primes is neither used by ssh server, nor documented. I note that this error appears to have been reported in several places on the web in the past years, but to no avail (e.g. http://misc.openbsd.narkive.com/tZPNEoZk/no-suitable-primes) Release: Ubuntu 14.04.3 LTS Package: openssh-server, Version: 1:6.6p1-2ubuntu2.3 ** Affects: openssh (Ubuntu) Importance: Undecided Status: New ** Tags: error logging -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1528251 Title: WARNING: no suitable primes in /etc/ssh/primes To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1528251/+subscriptions -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
