The reason for this bug is how the list of key exchange methods is
created and then modified later.
1. The original KEX list is taken from options.
2. The extension negotiation "options" which are not real kex enc
types are added to the list.
3. The GSSAPI enc types are prepended (code from
Even if there is no immediate fix between 2-2 and 2-4 perhaps, this bug is
still relevant in version 7.2p2-4. Interestingly enough it does not seem to
honor the "ReKeyLimit 0G" either to bypass it completely.
br,
R
On 2016-03-28 00:15:12 CEST, Colin Watson wrote:
> On Sun, Mar 27, 2016 at 05:11:43PM +0200, Peter Gille wrote:
>> I get failures during rekey when using ssh with kerberos authentication
>> and GSSAPI key-exchange.
>
> Could you please try 1:7.2p2-2 and see if it fixes this? It certainly
> has
On Sun, Mar 27, 2016 at 05:11:43PM +0200, Peter Gille wrote:
> I get failures during rekey when using ssh with kerberos authentication
> and GSSAPI key-exchange.
Could you please try 1:7.2p2-2 and see if it fixes this? It certainly
has a fix specific to GSSAPI key exchange.
Thanks,
--
Colin Wa
Package: openssh-client
Version: 1:7.2p2-1
Severity: normal
Dear Maintainer,
I get failures during rekey when using ssh with kerberos authentication
and GSSAPI key-exchange. This can be noticed in long-running ssh
sessions or when doing large scp transfers (or triggered manually in the
ssh clien
5 matches
Mail list logo
