https://bugzilla.mindrot.org/show_bug.cgi?id=2209
--- Comment #6 from Darren Tucker <[email protected]> ---

Someone was able to give me access to two Ciscos, one with the bug and one
without (thanks, Steinar!) and I was able to test the patch. Unfortunately
they both have the same protocol banner, so we can't selectively blacklist
only the affected implementations.

$ ssh -vvv -o KexAlgorithms=diffie-hellman-group-exchange-sha1 cisco-with-bug
[...]
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: no match: Cisco-1.25
[...]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent
Connection closed by 2001:67c:29f4::19

$ ssh -vvv -o KexAlgorithms=diffie-hellman-group-exchange-sha1 -c aes256-cbc cisco-without-bug
[...]
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: no match: Cisco-1.25
[...]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 2078/4096

With patch:

$ ssh -vvv -o KexAlgorithms=diffie-hellman-group-exchange-sha1 cisco-with-bug
[...]
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x40000000
[...]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 2016/4096

$ ssh -vvv -o KexAlgorithms=diffie-hellman-group-exchange-sha1 -c aes256-cbc cisco-without-bug
[...]
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x40000000
[...]
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 2087/4096

Looks like it works.
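An added helper (not from the bug report or from OpenSSH) that parses ssh -vvv excerpts like the ones in the comment and reports whether the DH GEX request was answered or the connection was closed after it, and whether the Cisco compat pattern capped the request at 4096 bits. The embedded transcripts are constructed in the shape shown above; the 2001:db8:: address is a placeholder.

```python
import re

# Constructed excerpts in the shape of the ssh -vvv output quoted above (not
# real captures); the host address is a documentation-range placeholder.
BUGGY_UNPATCHED = """\
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: no match: Cisco-1.25
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<8192<8192) sent
Connection closed by 2001:db8::19
"""
PATCHED = """\
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x40000000
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<4096<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug2: bits set: 2016/4096
"""

VERSION_RE = re.compile(r"remote software version (\S+)")
COMPAT_RE = re.compile(r"debug1: match: \S+ pat (\S+) compat (0x[0-9a-fA-F]+)")
GEX_REQ_RE = re.compile(r"SSH2_MSG_KEX_DH_GEX_REQUEST\((\d+)<(\d+)<(\d+)\) sent")
GEX_CAP = 4096  # preferred size the patched client requests in the transcripts above

def analyze_gex(transcript):
    """Extract banner, compat match and the outcome of the GEX request."""
    info = {"version": None, "compat_pattern": None, "compat_flags": None, "gex_min": None,
            "gex_nbits": None, "gex_max": None, "group_received": False, "closed_after_request": False}
    for line in transcript.splitlines():
        if m := VERSION_RE.search(line):
            info["version"] = m.group(1)
        elif m := COMPAT_RE.search(line):
            info["compat_pattern"], info["compat_flags"] = m.groups()
        elif m := GEX_REQ_RE.search(line):
            info["gex_min"], info["gex_nbits"], info["gex_max"] = map(int, m.groups())
        elif "got SSH2_MSG_KEX_DH_GEX_GROUP" in line:
            info["group_received"] = True
        elif line.startswith("Connection closed") and info["gex_nbits"] and not info["group_received"]:
            info["closed_after_request"] = True  # server dropped us right after the request
    return info

def verdict(info):
    """Classify the run: affected server, compat workaround in effect, or unaffected."""
    if info["closed_after_request"] and info["gex_nbits"] > GEX_CAP:
        return "affected"           # >4096-bit request was never answered
    if info["group_received"] and info["compat_flags"] and info["gex_nbits"] is not None \
            and info["gex_nbits"] <= GEX_CAP:
        return "workaround-active"  # compat flag capped the request and the server answered
    if info["group_received"]:
        return "unaffected"         # full-size request was answered
    return "inconclusive"
```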
