Bug#753597: openssh-client: Cannot connect to hosts with 512-bit RSA key: RSA modulus too small

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#753597: openssh-client: Cannot connect to hosts with 512-bit RSA key: RSA modulus too small
From: Matthias Urlichs <matthias@urlichs.de>
Date: Thu, 03 Jul 2014 15:20:11 +0200
Message-id: <[🔎] 20140703132011.29737.11167.reportbug@desk.intern.smurf.noris.de>
Reply-to: Matthias Urlichs <matthias@urlichs.de>, 753597@bugs.debian.org

Package: openssh-client
Version: 1:6.6p1-5
Severity: normal

The minimum RSA modulus of 768 bits is hard-coded into ssh.
However, I do have a number of old routers and switches which have 512-bit
host keys.

I would like to be able to talk to these machines without recompiling SSH.

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (700, 'testing'), (650, 'stable'), (600, 'unstable'), (550, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-rc7-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssh-client depends on:
ii  adduser           3.113+nmu3
ii  dpkg              1.17.10
ii  libc6             2.19-1
ii  libedit2          3.1-20140213-1
ii  libgssapi-krb5-2  1.12.1+dfsg-3
ii  libselinux1       2.3-1
ii  libssl1.0.0       1.0.1h-3
ii  passwd            1:4.2-2
ii  zlib1g            1:1.2.8.dfsg-1

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.7-1

Versions of packages openssh-client suggests:
pn  keychain      <none>
pn  libpam-ssh    <none>
pn  monkeysphere  <none>
ii  ssh-askpass   1:1.2.4.1-9

-- Configuration Files:
/etc/ssh/ssh_config changed [not included]

-- no debconf information

Reply to:

Next by Date: openssh 1:6.6p1-6 MIGRATED to testing
Next by thread: openssh 1:6.6p1-6 MIGRATED to testing
Index(es):
- Date
- Thread