[X2Go-Dev] Bug#472: Bug#472: Bug#472: Bug#472: Debian now has diffie-hellman-group1-sha1 disabled
Michael DePaulo
mikedep333 at gmail.com
Tue Oct 14 01:22:11 CEST 2014
On Mon, Oct 13, 2014 at 3:33 PM, Michael DePaulo <mikedep333 at gmail.com> wrote:
> [...]
>
> Looking through the libssh git logs, it appears that libssh 0.6 was
> the first version to add support for a non-sha1 key exchange method,
> ecdh_sha2_nistp256 [1].
>
> 0.6 also added support for curve25519-sha256 at libssh.org [1].
>
> In a few hours or so, I will test if using a libssh 0.6.x linked
> version of x2goclient fixes this bug.
>
> Jessie does include libssh 0.6.3 (Thanks to our DD, Mike#1)[2].
>
> -Mike#2
>
> [1] http://git.libssh.org/projects/libssh.git/log/?id=libssh-0.6.0&qt=grep&q=sha2
> [2] https://packages.debian.org/jessie/libssh-4
The bad news:
I can confirm that X2Go Client for Windows 4.0.2.1+hotfix+build6 (and
all prior versions/builds) ARE AFFECTED by this bug and ARE UNABLE to
connect to a Debian Jessie server with openssh-server 6.7p1-2 (from
sid) installed. Said version of X2go Client for Windows bundles and
uses libssh 0.5.5.
The good news:
I can confirm that X2Go Client for Windows 4.0.3.0 nightly builds
(mingw 4.8 tested) ARE NOT AFFECTED by this bug and ARE ABLE to
connect to a Debian Jessie server with openssh-server 6.7p1-2 (from
sid) installed. Said version of X2Go Client bundles and uses libssh
0.6.3.
See bug #590 for the details on X2Go Client for Windows having libssh
upgraded to 0.6.x during 4.0.3.0's development cycle.
-Mike#2
More information about the x2go-dev
mailing list