[X2Go-Dev] Bug#472: Bug#472: Debian now has diffie-hellman-group1-sha1 disabled

Oleksandr Shneyder o.shneyder at phoca-gmbh.de
Mon Oct 13 15:34:16 CEST 2014 

And why is it a problem for X2Go? Is libssh not working any more? Then
it should be fixed in libssh, not in x2go?

Am 11.10.2014 22:48, schrieb Mike Gabriel:
> Control: severity -1 important
> 
> HI Alex (DEKKER), hi Alex (Schneyder),
> 
> On  Sa 11 Okt 2014 13:07:00 CEST, Alex DEKKER wrote:
> 
>> As of Version: 1:6.7p1-1 of openssh-server, it appears that Debian
>> [and presumably upstream]'s sshd now has diffie-hellman-group1-sha1
>> disabled. This means that connections from x2goclient will fail.
>>
>> I was able to work around this by adding:
>>
>> KexAlgorithms
>> curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
>>
>>
>> to /etc/ssh/sshd_config, but obviously at some point support for
>> diffie-hellman-group1-sha1 is going to go away completely, rather than
>> just being disabled by default.
> 
> Thanks for bringing this up. Did not realize so far.
> 
> @Alex Schneyder: do you think you can find a fix for this. This actually
> is a release blocker of 4.0.3.0... And it endangers the status of X2Go
> Client in Debian, as well.
> 
> Mike
> 
> 


-- 
-----------------------------------------------------------
Oleksandr Shneyder        | Email: o.shneyder at phoca-gmbh.de
phoca GmbH                | Tel. : 0911 - 14870374 0
Ludwig-Feuerbach-str. 18  | Fax. : 0911 - 14870374 9
D-90489 Nürnberg          | Mobil: 0163 - 49 64 461

Geschäftsführung:
Dipl.-Inf. Oleksandr Shneyder

Amtsgericht München | http://www.phoca-gmbh.de
HRB 196 658         | http://www.x2go.org
USt-IdNr.: DE281977973
-----------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20141013/f6a7fd65/attachment.pgp>

More information about the x2go-dev mailing list