enable diffie-hellman-group1-sha1 on Jessie

Discussion in 'Installation/Configuration' started by aldo, Aug 10, 2015.

  1. aldo

    aldo Member HowtoForge Supporter

    It seems that in Debian 8 (OpenSSH 6.7), diffie-Hellman-group1-sha1 is disabled by default.
    A client that connects via SSH receive the error:
    I tried adding
    KexAlgorithms diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
    to sshd_config but the problem persists.

    Any help is welcome.
  2. Ovidiu

    Ovidiu Active Member

    Same question here, anyone?
  3. This can be caused becuase in some Linux distributions, /etc/ssh/sshd_conf is missing the KexAlgorithms and Cipher fields to describe which methods are supported by the SSH daemon. Please try to add this inside the conf:
    KexAlgorithms diffie-hellman-group1-sha1,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
    Ciphers 3des-cbc,blowfish-cbc,aes128-cbc,aes128-ctr,aes256-ctr
    After saving, regenerate the keys:
    "ssh-keygen -A"
    Then restart SSH service.
    Give me an output if this will work
    Last edited: Dec 10, 2015
    aldo and Ovidiu like this.
  4. alkool

    alkool New Member

    It works, after a restart of the sshd. Thanks!

    P.S. I made an account here just to let you know.
  5. Great to know! Tell me if you need any more help.

Share This Page