SSHD warning - using fixed modulus
Hi,
I am running a fresh installation of RHEL 6 box and it shipped with Openssh 5.3. But, /etc/ssh/moduli file doesn't exist even in this new installation and the SSH log warns as below: PHP Code:
Any ideas ??? |
See: man moduli.
The "Diffie-Hellman Key Exchange" is that point in the initial negotiation process where the two parties ("Alice" and "Bob") use public-key cipher techniques to negotiate and agree upon a random symmetric-cipher key that they will (initially...) use in their upcoming conversation. Part of that technique involves the use of large prime numbers. Some suitable numbers are built-in ("fixed"), but the moduli file allows you to pre-compute a list of candidate primes from which to randomly choose. I am not technically qualified to say what the total ramifications might be. But my uneducated opinion is that it is a choice between "strong," and "stronger yet." |
Not that you shouldn't ask here, but you paid for RHEL because it includes support. WHat did RH have to say?
|
All times are GMT -5. The time now is 09:24 AM. |