Bug#787037: openssh-client: remove 1Kbit DH groups from /etc/ssh/moduli
Daniel Kahn Gillmor <dkg@fifthhorseman.net> writes:
> Upstream is removing 1Kbit DH groups from /etc/ssh/moduli (see attached
> message). Debian should do the same (possibly backporting the fix to
> earlier releases as well), to reduce the likelihood that clients of
> debian ssh servers get stuck using a widely-used group that is weaker
> than we'd like.
I've been following the discussion upstream; but we did already have a
bug where weak-DH was being discussed - #774711. Do we need this one
too?
Regards,
Matthew
--
"At least you know where you are with Microsoft."
"True. I just wish I'd brought a paddle."
http://www.debian.org
Reply to: