Difference between revisions of "Key exchange method (KEX)"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
|||
(15 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
[[wikipedia:Key exchange method]] | [[wikipedia:Key exchange method]] | ||
− | [[OpenSSH changelog]] | + | * [[Diffie–Hellman key exchange]] |
+ | * [[PSK]] | ||
+ | * [[Elliptic-curve Diffie–Hellman (ECDH)]] | ||
+ | |||
+ | == [[OpenSSH changelog]] == | ||
+ | * [[OpenSSH 9.0]] Aug 2022 Use the hybrid Streamlined [[NTRU]] Prime + [[x25519]] [[key exchange]] method by default | ||
* [[OpenSSH 8.5]] 03 March 2021 update/replace the experimental [[post-quantum]] hybrid key exchange method | * [[OpenSSH 8.5]] 03 March 2021 update/replace the experimental [[post-quantum]] hybrid key exchange method | ||
* Added [[curve25519-sha256]]@libssh.org key exchange | * Added [[curve25519-sha256]]@libssh.org key exchange | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
ssh -V | ssh -V | ||
[[OpenSSH_8.2]]p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 | [[OpenSSH_8.2]]p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 | ||
Line 20: | Line 17: | ||
− | ssh - | + | ssh -o[[KexAlgorithms]]=+diffie-hellman-group1-sha1 123.123.123.123 |
[[ssh_dispatch_run_fatal]]: Connection to 123.123.123.123 port 22: [[Invalid key length]] | [[ssh_dispatch_run_fatal]]: Connection to 123.123.123.123 port 22: [[Invalid key length]] | ||
+ | |||
+ | == Cisco IOS == | ||
+ | <code>[[show ip ssh]]</code> | ||
+ | :<code>KEX Algorithms:diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1</code> | ||
+ | |||
+ | == Related terms == | ||
+ | * <code>[[KexAlgorithms]]</code> directive | ||
+ | * <code>[[ssh -Q kex]]</code> | ||
== See also == | == See also == | ||
+ | * {{KEX}} | ||
* {{key}} | * {{key}} | ||
* {{ssh}} | * {{ssh}} | ||
+ | * {{TLS}} | ||
[[Category:ssh]] | [[Category:ssh]] |
Latest revision as of 11:01, 22 February 2024
OpenSSH changelog[edit]
- OpenSSH 9.0 Aug 2022 Use the hybrid Streamlined NTRU Prime + x25519 key exchange method by default
- OpenSSH 8.5 03 March 2021 update/replace the experimental post-quantum hybrid key exchange method
- Added curve25519-sha256@libssh.org key exchange
ssh -V OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 ssh -o PreferredAuthentications=keyboard-interactive -o PubkeyAuthentication=no [email protected] Unable to negotiate with 10.10.10.2 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 123.123.123.123 ssh_dispatch_run_fatal: Connection to 123.123.123.123 port 22: Invalid key length
Cisco IOS[edit]
KEX Algorithms:diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Related terms[edit]
KexAlgorithms
directivessh -Q kex
See also[edit]
- KEX, KexAlgorithms, Diffie–Hellman, PSK, Elliptic-curve Diffie–Hellman (ECDH)
- Public key cryptography,
private key
,public key
,key length
,ssh-keygen
,ssh-keyscan
, Root certificate, KEX, Generate a key - SSH:
ssh
, TLS,.ppk, .pem, .crt, .pub
, ED25519, Key exchange method (KEX), public key, private key,ssh -Q kex
,IAMUserSSHKeys
,known_hosts
, ssh tunnel, Dropbear - TLS, mTLS: OpenSSL, LibreSSL, BoringSSL, WolfSSL, X.509,
.pem
, SNI, CT, OCSP, Mbed TLS, ALPN,your connection is not private
, SSL Certificate Checker, Wildcard certificate, JA3 fingerprint, sslcan, TLS inspection
Advertising: