1

Resolved

WARNING: no suitable primes in /etc/primes

description

On some very strict servers a connect attempt with SSH.NET can lead to a warning of the sshd:
"WARNING: no suitable primes in /etc/primes"
This is because SSH.NET requests 1024 bits for group-exchange during kex and in /etc/moduli
(yeah, the file is name different than in the warning, but this is a OpenSSH-Issue) are no 1024 bits entries.
Connection is still established succesfully, but this warning may irritate people.
this.SendMessage(new KeyExchangeDhGroupExchangeRequest(1024,1024,1024));
So SSH.NET requests min 1024, max 1024 and prefers 1024.

I changed in KeyExchangeDiffieHellmanGroupExchangeSha256.cs:
this.SendMessage(new KeyExchangeDhGroupExchangeRequest(1024,1024,8192));
and
MaximumGroupSize = 8192
So now 8192 bits are the maximum.
With this changes client/server choose 2048 bits, the warning disappears and the connection is still working fine.
I'm not sure if the strict 1024 bits are intended.

Would be nice to have this in the upstream code, since OpenSSH client does the same.
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/dh.h?rev=1.11;content-type=text%2Fplain
http://tools.ietf.org/html/rfc4419
#define DH_GRP_MIN      1024
#define DH_GRP_MAX      8192

comments

olegkap wrote May 2 at 2:13 AM

Hey,

I think its ok to user 8192.
I think I used 1024 since I saw it as example being used somewhere else and after testing with few server it seems to be working so I just kept using the same number.
I think with new server releases they increased requirement for primes so now they use higher one it seems.
Feel free to change it in source code this way or may be to see if it should be exposed as configurable property in case somebody need to change it.

Thanks.

da_rinkes wrote May 6 at 5:58 AM

Ok. Uploaded a patch for it.

drieseng wrote May 6 at 7:33 PM

Great catch, and thanks for the patch!

I'll commit a revised version of your patch later this week in which I'll also fix the same issue for SHA1, and remove some code duplication in this area.

drieseng wrote May 6 at 7:55 PM

Great catch, and thanks for the patch!

I'll commit a slightly revised version of your patch later this week in which I'll also fix the same issue for SHA1, and remove some code duplication in this area.

drieseng wrote May 7 at 6:23 PM

Fixed in changeset 35773.