Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
How to get KEX algorithm curve25519-sha256@libssh.org ?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
toralf
Developer
Developer


Joined: 01 Feb 2004
Posts: 3706
Location: Hamburg

PostPosted: Wed Jan 01, 2014 3:49 pm    Post subject: How to get KEX algorithm curve25519-sha256@libssh.org ? Reply with quote

https://bettercrypto.org/static/applied-crypto-hardening.pdf mentioned at page 17 a "curve25519-sha256@libssh.org" - but this is unknown here at my x86 Gentoo :
Code:
n22 /etc/ssh # /etc/init.d/sshd start
Unsupported KEX algorithm "curve25519-sha256@libssh.org"
/etc/ssh/sshd_config line 35: Bad SSH2 KexAlgorithms 'curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1'.
 * ERROR: sshd failed to start


How to solve it ?
Back to top
View user's profile Send private message
mancha
n00b
n00b


Joined: 05 Jan 2014
Posts: 2

PostPosted: Sun Jan 05, 2014 11:10 pm    Post subject: Reply with quote

Hello.

The document is slightly misleading as it seems to suggest curve25519 support is available as of openssh 6.1. In reality, it is not yet supported in a point release.

I have ported upstream code to 6.3p1 and 6.4p1 which you're welcome to use:

openssh-6.3p1-curve25519.diff
openssh-6.4p1-curve25519.diff

--mancha
Back to top
View user's profile Send private message
Gatak
Tux's lil' helper
Tux's lil' helper


Joined: 04 Jan 2004
Posts: 115

PostPosted: Wed Jan 08, 2014 8:00 pm    Post subject: Reply with quote

mancha wrote:
Hello.

The document is slightly misleading as it seems to suggest curve25519 support is available as of openssh 6.1. In reality, it is not yet supported in a point release.

I have ported upstream code to 6.3p1 and 6.4p1 which you're welcome to use:

openssh-6.3p1-curve25519.diff
openssh-6.4p1-curve25519.diff

--mancha


Thanks. I'll try it out asap, probably over the weekend.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum