On Fri, Feb 26, 2016 at 3:48 PM, Matt Fredrickson <cres...@digium.com> wrote: > Reply below. > > On Thu, Feb 25, 2016 at 9:59 AM, Leif Madsen <l...@leifmadsen.com> wrote: >> >> Apologies if this is a well known issue and I'm just stirring the pot :) >> >> Attempted to check out Asterisk from Gerrit today, and got a message I >> didn't recognize. >> >> > Cloning into 'asterisk'... >> > Unable to negotiate with 76.164.171.232: no matching key exchange >> > method found. Their offer: diffie-hellman-group1-sha1 >> > fatal: Could not read from remote repository. >> > >> > Please make sure you have the correct access rights >> > and the repository exists. >> >> Quick search turned up the answer though. A weak key implementation on >> Gerrit (which my OpenSSH disables by default): >> >> http://www.openssh.com/legacy.html >> >> Workaround was to add to my ~/.ssh/config: >> >> > Host gerrit.asterisk.org >> > KexAlgorithms +diffie-hellman-group1-sha1 >> >> Perhaps this could be modified so that the key exchange is slightly more >> secure? It's all open source stuff here, so the exchange may not be THAT >> necessary, but might not be a bad idea :) > > > > Thanks for the heads up on this Leif. We'll see if we can look into this. >
Josh is taking care of it. Looks like Gerrit needs some updated Bouncy Castle libraries. https://code.google.com/p/gerrit/issues/detail?id=3517 -- Rusty Newton Digium, Inc. | Community Support Manager 445 Jan Davis Drive NW - Huntsville, AL 35806 - US direct: +1 256 428 6200 Check us out at: http://digium.com & http://asterisk.org -- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev