I've just come across a knock on effect of this bug when configuring the Ubuntu SSH server for curve25519-sha...@libssh.org key exchange only, and using the latest Debian package openssh-client to connect.
Because Ubuntu's SSH server version doesnt match 6.6.1, the Debian SSH client disables curve25519-sha...@libssh.org completely, getting rid of the (presumably) most secure algorithm available: ========================================================================== debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Debian-4 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6p1 Ubuntu-2ubuntu1 debug1: match: OpenSSH_6.6p1 Ubuntu-2ubuntu1 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000000 ... debug2: compat_kex_proposal: original KEX proposal: curve25519-sha...@libssh.org debug2: Compat: skipping algorithm "curve25519-sha...@libssh.org" debug2: compat_kex_proposal: compat KEX proposal: No supported key exchange algorithms found ========================================================================== The compat value being hit is in compat.c:100. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1310781 Title: bad bignum encoding for curve25519-sha256 at libssh.org To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1310781/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs