Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

"Never give in. Never give in. Never. Never. Never." -- Winston Churchill

computers / comp.os.vms / Re: is there another key exchange for ssh?

SubjectAuthor
* is there another key exchange for ssh?VAXman-
`* Re: is there another key exchange for ssh?Simon Clubley
 +- Re: is there another key exchange for ssh?Craig A. Berry
 `- Re: is there another key exchange for ssh?Stephen Hoffman

1
is there another key exchange for ssh?

<00B740B1.DE4D268B@SendSpamHere.ORG>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=22386&group=comp.os.vms#22386

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!aioe.org!pr9o9uw/KLhPSFYv2ok3sg.user.46.165.242.75.POSTED!not-for-mail
From: VAXm...@SendSpamHere.ORG
Newsgroups: comp.os.vms
Subject: is there another key exchange for ssh?
Date: Sun, 01 May 2022 11:02:22 GMT
Organization: c.2022 Brian Schenkenberger. Prior employers of copyright holder and their agents must first obtain written permission to copy this posting.
Message-ID: <00B740B1.DE4D268B@SendSpamHere.ORG>
Reply-To: VAXman- @SendSpamHere.ORG
Injection-Info: gioia.aioe.org; logging-data="28422"; posting-host="pr9o9uw/KLhPSFYv2ok3sg.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
X-Notice: Filtered by postfilter v. 0.9.2
 by: VAXm...@SendSpamHere.ORG - Sun, 1 May 2022 11:02 UTC

Is there another key exchange algorithm in TCPIP services ssh other than
diffie-hellman-group1-sha1?

--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG

I speak to machines with the voice of humanity.

Re: is there another key exchange for ssh?

<t4m3c0$quf$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=22389&group=comp.os.vms#22389

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: club...@remove_me.eisner.decus.org-Earth.UFP (Simon Clubley)
Newsgroups: comp.os.vms
Subject: Re: is there another key exchange for ssh?
Date: Sun, 1 May 2022 13:53:04 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 15
Message-ID: <t4m3c0$quf$1@dont-email.me>
References: <00B740B1.DE4D268B@SendSpamHere.ORG>
Injection-Date: Sun, 1 May 2022 13:53:04 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="a5edcd4cb28d879d80c1ff9de28aff29";
logging-data="27599"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/tHqmfq7mBdc1KPHARgyai+GKow4y4GdQ="
User-Agent: slrn/0.9.8.1 (VMS/Multinet)
Cancel-Lock: sha1:zfcHdIA7VQftaDsZieF+NjHPTbs=
 by: Simon Clubley - Sun, 1 May 2022 13:53 UTC

On 2022-05-01, VAXman- @SendSpamHere.ORG <VAXman-@SendSpamHere.ORG> wrote:
> Is there another key exchange algorithm in TCPIP services ssh other than
> diffie-hellman-group1-sha1?
>

IIRC, VSI released an updated set of algorithms as a patch for the
very latest version.

What version are you runninig ?

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.

Re: is there another key exchange for ssh?

<t4m6i7$lt2$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=22391&group=comp.os.vms#22391

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: craigbe...@nospam.mac.com (Craig A. Berry)
Newsgroups: comp.os.vms
Subject: Re: is there another key exchange for ssh?
Date: Sun, 1 May 2022 09:47:33 -0500
Organization: A noiseless patient Spider
Lines: 15
Message-ID: <t4m6i7$lt2$1@dont-email.me>
References: <00B740B1.DE4D268B@SendSpamHere.ORG> <t4m3c0$quf$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sun, 1 May 2022 14:47:35 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="a6ce0f41329042c97b3ee2d737554ea8";
logging-data="22434"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/p0CNMx0I5cc2Ie6gqRHt06ajRC64bXdg="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
Gecko/20100101 Thunderbird/91.8.1
Cancel-Lock: sha1:GTzdizcAMNNuwLNTpeCaBOB4gg4=
In-Reply-To: <t4m3c0$quf$1@dont-email.me>
Content-Language: en-US
 by: Craig A. Berry - Sun, 1 May 2022 14:47 UTC

On 5/1/22 8:53 AM, Simon Clubley wrote:
> On 2022-05-01, VAXman- @SendSpamHere.ORG <VAXman-@SendSpamHere.ORG> wrote:
>> Is there another key exchange algorithm in TCPIP services ssh other than
>> diffie-hellman-group1-sha1?

Yes, diffie-hellman-group14-sha1 has been available, but that's probably
not good enough for your client either.

> IIRC, VSI released an updated set of algorithms as a patch for the
> very latest version.

Right. About a month ago there was an ECO for TCP/IP Services 5.7 with
ECO5X in the name that includes diffie-hellman-group14-sha256. As far
as I can tell it's Itanium-only.

Re: is there another key exchange for ssh?

<t4mi51$p0s$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=22393&group=comp.os.vms#22393

  copy link   Newsgroups: comp.os.vms
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: seaoh...@hoffmanlabs.invalid (Stephen Hoffman)
Newsgroups: comp.os.vms
Subject: Re: is there another key exchange for ssh?
Date: Sun, 1 May 2022 14:05:21 -0400
Organization: HoffmanLabs LLC
Lines: 32
Message-ID: <t4mi51$p0s$1@dont-email.me>
References: <t4m3c0$quf$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: reader02.eternal-september.org; posting-host="cb321a92d07742a45c25c5654f171ffe";
logging-data="25628"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/6Z6JG0Kx46ZGv7wAcbuZzJevkuZHEWzU="
User-Agent: Unison/2.2
Cancel-Lock: sha1:RYLMQKp/tarhnoXbsZcWaE/wTv0=
 by: Stephen Hoffman - Sun, 1 May 2022 18:05 UTC

On 2022-05-01 13:53:04 +0000, Simon Clubley said:

> On 2022-05-01, VAXman- @SendSpamHere.ORG <VAXman-@SendSpamHere.ORG> wrote:
>> Is there another key exchange algorithm in TCPIP services ssh other
>> than diffie-hellman-group1-sha1?
>
> IIRC, VSI released an updated set of algorithms as a patch for the very
> latest version.

TCP/IP Services V5.7 ECO5o had newer diffie-hellman-group14-sha1.

That key exchange KEX was minimally adequate for connections from and
to most other platforms.

If you didn't want to downgrade the other end of the connection.

ECO5o was available for OpenVMS Alpha and OpenVMS I64.

Access to ECO5o required a specific request to VSI Support.

ECO5x is yet newer. I haven't pulled that yet, but probably should.

Among other threads:
https://groups.google.com/g/comp.os.vms/c/XMcsobiUtks/m/Mrubd3lLEgAJ

OpenSSH has yet to arrive for Alpha and Itanium, but there have been
updates made available for x86-64.

--
Pure Personal Opinion | HoffmanLabs LLC

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor