[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: a dh keys question?

On 8/1/2018 9:16 PM, Dan Purgert wrote:
On August 1, 2018 2:50:39 PM EDT, Karen Lewellen <klewellen@shellworld.net> wrote:
just a slight update..and correction of an idea below.

On Wed, 1 Aug 2018, Dan Purgert wrote:

Precisely.  DH failures are typically because one end or the other is
trying to use an "out of bounds" keysize.  E.g. you have a SSH 7.x
client, and the server is 6.0 or lower.
Not the case here,
as stated the problem exists, on every server I have tried,  that uses
port 22.

That doesn't prove or disprove anything about a mismatch between client and server versions.

The error message is _probably_ something like this, right (note -
require "ssh -vv" in order to see):
not at all.
As stated I was able to do this until about 5:00 p. m. on the last
of   June.
Additionally, one test done this morning, of a server using a port
than   22 proves my concern.  I could reach it perfectly.
Granted I intend doing yet another test  on a different server  with
the port number changed. However regardless of where I visit, even
I should have no issues  like the chat.shazow  idea,
The error is the same.

As someone else said, it might be your ISP, though if it was them, you'd be getting a different error than the Diffie-Hellman key exchange.

But without seeing logs, it's kind of impossible to see what's going on.

A simple check to make things work is running the ssh command as

My client already allows an option for  some slight dh key
no difference.

What client are you using that you can change them?  I mean, the DH Key Exchange parameters are hard-coded in the openssh source (and cannot be changed without recompiling the client).

I cannot type the command you put here, but  it does not seem to be the fastest solution.

I don't follow what you mean here.

(Apologies to all in case of weird formatting, responding from my mobile)


You seem to use your own domain name, it might be some policy changes that restrict the use of ssh and not your ISP.

John Doe

Reply to: