Difference between revisions of "Key exchange method (KEX)"
Jump to navigation
Jump to search
Line 1: | Line 1: | ||
[[wikipedia:Key exchange method]] | [[wikipedia:Key exchange method]] | ||
− | [[OpenSSH changelog]] | + | === [[OpenSSH changelog]] === |
* [[OpenSSH 9.0]] Aug 2022 Use the hybrid Streamlined [[NTRU]] Prime + [[x25519]] [[key exchange]] method by default | * [[OpenSSH 9.0]] Aug 2022 Use the hybrid Streamlined [[NTRU]] Prime + [[x25519]] [[key exchange]] method by default | ||
* [[OpenSSH 8.5]] 03 March 2021 update/replace the experimental [[post-quantum]] hybrid key exchange method | * [[OpenSSH 8.5]] 03 March 2021 update/replace the experimental [[post-quantum]] hybrid key exchange method | ||
* Added [[curve25519-sha256]]@libssh.org key exchange | * Added [[curve25519-sha256]]@libssh.org key exchange | ||
+ | |||
+ | ssh -V | ||
+ | [[OpenSSH_8.2]]p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 | ||
+ | ssh -o PreferredAuthentications=keyboard-interactive -o PubkeyAuthentication=no [email protected] | ||
+ | [[Unable to negotiate]] with 10.10.10.2 port 22: no matching [[key exchange method]] found. Their offer: [[diffie-hellman-group-exchange-sha1]],[[diffie-hellman-group14-sha1]],[[diffie-hellman-group1-sha1]] | ||
+ | |||
+ | |||
+ | ssh -o[[KexAlgorithms]]=+diffie-hellman-group1-sha1 123.123.123.123 | ||
+ | [[ssh_dispatch_run_fatal]]: Connection to 123.123.123.123 port 22: [[Invalid key length]] | ||
Revision as of 05:38, 30 August 2022
OpenSSH changelog
- OpenSSH 9.0 Aug 2022 Use the hybrid Streamlined NTRU Prime + x25519 key exchange method by default
- OpenSSH 8.5 03 March 2021 update/replace the experimental post-quantum hybrid key exchange method
- Added curve25519-sha256@libssh.org key exchange
ssh -V OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 ssh -o PreferredAuthentications=keyboard-interactive -o PubkeyAuthentication=no [email protected] Unable to negotiate with 10.10.10.2 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 123.123.123.123 ssh_dispatch_run_fatal: Connection to 123.123.123.123 port 22: Invalid key length
Cisco IOS
KEX Algorithms:diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
Related terms
KexAlgorithms
directive
See also
- KEX, KexAlgorithms, Diffie–Hellman, PSK, Elliptic-curve Diffie–Hellman (ECDH)
- Public key cryptography,
private key
,public key
,key length
,ssh-keygen
,ssh-keyscan
, Root certificate, KEX, Generate a key - SSH:
ssh
, TLS,.ppk, .pem, .crt, .pub
, ED25519, Key exchange method (KEX), public key, private key,ssh -Q kex
,IAMUserSSHKeys
,known_hosts
, ssh tunnel, Dropbear
Advertising: