Karen Lewellen wrote:
1.
I am not using Linux, but an ssh client compiled from a combination of
tools, Linux and otherwise, including putty.
I have been very firm in not stating that I use Linux at all.
Kind of a bad move, what with this being a Debian (Linux) mailing list.
Lot of wasted effort would've been saved.
In fact the first sentence of my question stated that while the issue is
complex, the question, where dh keys are generated, was simple.
They're generated on the fly at the time of connection. The server and
client each (should) have a "moduli" file somewhere, where they can seed
the DH key generation from (in whichever version of Debian I'm running
on this test box, it happens to be /etc/ssh/moduli)
2. I can state firmly that the port number has absolutely a great deal
to do with my issue.
You can say that til you're blue in the face, it doesn't make you
correct though. As I said before, the selection of a standard vs.
nonstandard port for ssh (or, any service for that matter) has no
bearing on the Diffie-Hellman Key Exchange portion of the handshake.
best evidence? your getting this e-mail at all.
I assume you mean to imply that you're ssh'd into some remote host and
it just so happens to be running a service on a nonstandard port. See
above for the refutation of this claim.
I am writing using a shell service that uses Ubuntu 16.04 as its
platform...same as dreamhost.
we do not use port 22 here, and I can use my ssh client to reach my
workspace..doing such as we speak..
Likewise an associate who hosts their own servers created a temp account
for me, using port 4460...worked perfectly.
I respect other factors might be involved, but my goal is the swiftest
solution that lets us move our services from dreamhost somewhere else to
which I can ssh from my desktop/
If choosing a location with a port other than 22 solves the issue, it is
good enough for me.
The thing is, it's NOT the selection of the port that's making it work
(or not) - it's a difference between your SSH client and the server's
acceptable range for key moduli.
For Openssh 6.7p1
DH_GRP_MIN 1024
DH_GRP_MAX 8192
For Openssh 7.4
DH_GRP_MIN 2048
DH_GRP_MIN 8192
Since you're running a series of ssh clients (? ... or a amalgamation of
all of them ...?), it's up to you to check the various changelogs of
them to see if you need updates (or if they've been abandoned or ... )
--
|_|O|_| Registered Linux user #585947
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5 4AEE 8E11 DDF3 1279 A281