PuTTY wish rfc4419

This is a mirror. Follow this link to find the primary PuTTY web site.

Home | FAQ | Feedback | Licence | Updates | Mirrors | Keys | Links | Team
Download: Stable · Snapshot | Docs | Changes | Wishlist

summary: Support the RFC 4419 revision to Diffie-Hellman group exchange
class: wish: This is a request for an enhancement.
difficulty: fun: Just needs tuits, and not many of them.
priority: high: This should be fixed in the next release.
fixed-in: 2015-04-25 62a1bce7cb3ecb98feb57c7f1fd5d55845ce1533 0.65

The variant of Diffie-Hellman key exchange in which the server sends a different prime modulus every time (known in SSH as 'group exchange') was revised by RFC 4419 to change the format of the SSH_MSG_KEX_DH_GEX_REQUEST message, and also its message number. PuTTY didn't get round to supporting the revised message for quite a long time, but as of 0.65 it will now do so.

As of 6.9, the OpenSSH server has removed support for these messages. It has backwards-compatibility code for old versions of PuTTY (where it disables group exchange), which also triggers for some PuTTY-derived clients, but probably not all of them. If for some reason the backwards-compatibility arrangements don't work, there'll be a message like kex protocol error: type 30 seq 1 [preauth] in the SSH server log.

As of 7.2, the OpenSSH server additionally rejects the old messages with an UNIMPLEMENTED response (bz#2494). If this happens to you (again, if the server's backward-compatibility measures don't fire), you can expect to see a message like "Disconnected: Server protocol violation: unexpected SSH2_MSG_UNIMPLEMENTED packet". (Servers from 6.9 through 7.1 did something less helpful.)

If you want to comment on this web site, see the Feedback page.
Audit trail for this wish.
(last revision of this bug record was at 2022-09-11 23:46:37 +0100)