Subject: diffie-hellman-group14-sha256 and MAXGROUP

diffie-hellman-group14-sha256 and MAXGROUP

From: Mitchell Holland | AKIPS <>
Date: Tue, 23 Jun 2020 16:20:21 +1000

Hi everyone,

We are using libssh2 as the connection layer in one of our products and
it has been working well. However, recently some customers have had
trouble connecting to some hosts (e.g. newer Cisco routers) because key
exchange negotiation fails.

Some fail because there is no overlap in the supported key exchange
algorithms. In order to connect, the customer has to explicitly enable
a deprecated algorithm on their hosts (diffie-hellman-group1-sha1).
These customers would like us to support diffie-hellman-group14-sha256.

We see that diffie-hellman-group14-sha256 support has recently been
added to libssh2 but that it is not yet in any release. Does anyone
know when an official release containing this key exchange algorithm
will be available?

Some other connections fail because LIBSSH2_DH_GEX_MAXGROUP is too
small. These customers' machines reject values lower than 4096 by
default but libssh2 only offers the range from 1024 to 2048. Do you
have any plans to raise the MAXGROUP value? Openssh has a min/max range
of 2048/8192 so perhaps that could be adopted in libssh2.

Thanks for all your hard work in making libssh2, we really appreciate it.

Received on 2020-06-23