View Single Post
  #1  
Old 08-16-2019, 04:10 PM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,021
Question FAQ: What are the key exchange algorithms supported in VShell/Windows?

As of the current release, VShell version 4.4.3, these are the key exchange algorithms supported (with the version when first implemented):
curve25519-sha256 (v4.4)
ecdh-sha2-nistp521 (v4.1)
ecdh-sha2-nistp384 (v4.1)
ecdh-sha2-nistp256 (v4.1)
diffie-hellman-group-exchange-sha256 (v4.1)
Kerberos (v3.5)
Kerberos (Group Exchange) (v3.5)
diffie-hellman-group14 (v2.3)
diffie-hellman-group (v1.x)
[diffie-hellman] (v1.x, but disabled since v4.1)



Note that while diffie-hellman is still available, it was disabled as of v4.1 due to well-documented flaws in the algorithm associated with news surrounding the Logjam vulnerability. Many other SSH servers and clients have turned off default support for the diffie-hellman key exchange algorithm.

Changes in VShell 4.1.1 (Official) -- July 14, 2015
-----------------------------------------------------------------------------------
Changes:
  • In light of a potential vulnerability with SSH key exchange, similar to the TLS Logjam vulnerability, the diffie-hellman group1 key-exchange algorithm is no longer enabled by default and all 1024 bit primes have been removed from VShell's primes.txt file.
Attached Images
File Type: png vshell443_kex.png (35.5 KB, 66 views)
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730

Last edited by bgagnon; 08-19-2019 at 02:15 PM. Reason: Changed version on group14