Re: [platform-testers] verification instructions for groff 1.23.0.rc2

[Alexis]

"G. Branden Robinson" <g.branden.robinson@gmail.com> writes:

> > > Unable to negotiate with 213.178.77.185 port 22: no matching 
> > > key
> > > exchange method found. Their offer:
> > > 
> > gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> >
> > i believe the relevant ssh option is 'KexAlgorithms', e.g.:
> >
> >    ssh -o KexAlgorithms=diffie-hellman-group1-sha1
>
> Thanks!  That did the trick.  I couldn't get the gss-* one to 
> work; it
> seems that the 'ssh' command doesn't believe it to be lexically 
> valid.

i was intrigued by that one, and did some research. The 
gss-group1-sha1-* algorithms were deprecated via a "SHOULD NOT" in 
RFC8732, published in February 2020, due to having "small key 
lengths and are no longer strong in the face of brute-force 
attacks":

https://www.rfc-editor.org/rfc/rfc8732#name-deprecated-algorithms


Alexis.