[GTALUG] dh key exchange question.

Karen Lewellen klewellen at shellworld.net
Wed Oct 3 15:50:14 EDT 2018


Hi again,
I am not using windows either, but DOS.
The  program, sshdos,  was created by someone involved with the freedos 
project, which is still under development.
When I use the program to ssh telnet well anywhere, and run the -v option I 
witness the exchange process, when it works like here and when it does 
not.
The program was compiled using some parts of putty for windows yes, along 
with  some Linux libraries.
Proof it works, I am using it to write this e-mail.
But as expressed my host here shellworld is a small enough company to work 
with me.
Djgpp is another dos project which includes some more up to date keys.  I 
believe my best option is going to be discovering if there is either 
another  DOS ssh client, the speech and screen readers for Linux directly 
all use voices that stimulate my brain's dizzy centres, or seek to 
upgrade sshdos since the code is open source.
Thanks for the firm information about  the keys I am using.
Happy thanksgiving to the list,
Kare



On Wed, 3 Oct 2018, D. Hugh Redelmeier via talk wrote:

> | From: Karen Lewellen via talk <talk at gtalug.org>
>
> | Thanks for these suggestions, but I do not have a Linux box.  I use ssh telnet
> | to reach a Linux shell.
>
> I'm not sure what "ssh telnet" is.  What software are you actually
> using on your Windows machine?  Putty?
>
> | I have  been debugging since Late June, with others here at least letting me
> | know the  problem may be  due to locations removing access to my keys as
> | dreamhost has done.
>
> The terminology of crypto is kind of confusing.  One confusing thing is
> the word "key": there are two distinct kinds of keys used by SSH.
>
> Normally, the keys you manipulate for SSH are a private key (that you
> usually keep only on your local machine) and a corresponding public
> key that you put everywhere that you might want to log into.
> These two keys are a pair and you cannot mix and match from other key
> pairs.  You generally think of these keys as close to permanent.
>
> The DH (Diffie-Hellman) exchange is something done by SSH
> autonomously, per session.  This exchange creates unique but shared
> "ephemeral" keys.  You don't generally get involved in this.  DH is
> almost magical but was invented about 40 years ago.
>
> There is one thing about DH that can require your intervention.  DH
> works within an algebraic structure.  Sometimes the algebra becomes
> obsolete because more powerful computers or algorithms are getting
> close to breaking them.  So SSH starts by negotiating which DH algebra
> to use.  If your SSH is old enough, there is a chance that it doesn't
> support an algebra that the other side's SSH considers secure.  That
> means that a session cannot be negotiated.
>
> Note: DH isn't related to your permanent keys.  If you have key
> trouble, it probably isn't anything to do with DH.  If you have DH
> trouble, it probably isn't anything to do with your permanent keys.
>
> PS: It was Hellman's birthday yesterday.
>
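The negotiation failure described in the quoted reply, as an added example that is not part of the original thread: it parses the key-exchange name-list from constructed SSH_MSG_KEXINIT payloads (layout per RFC 4253 section 7.1) and picks the first client algorithm the server also offers. The algorithm lists are assumptions for illustration, not captured from sshdos or any real host, and the extra host-key compatibility conditions of the RFC are left out.

```python
import struct

SSH_MSG_KEXINIT = 20  # message number from RFC 4253


def build_kexinit(kex_algorithms):
    """Build a constructed KEXINIT payload; only the kex name-list is filled in."""
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)          # type byte + 16-byte cookie (zeroed)
    name_lists = [",".join(kex_algorithms)] + [""] * 9   # 10 name-lists, kex_algorithms first
    for name_list in name_lists:
        raw = name_list.encode("ascii")
        body += struct.pack(">I", len(raw)) + raw        # uint32 length + comma-separated names
    return body + b"\x00" + struct.pack(">I", 0)         # first_kex_packet_follows + reserved


def parse_kex_algorithms(payload):
    """Return the kex_algorithms name-list from a KEXINIT payload, in preference order."""
    if len(payload) < 21 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    offset = 17                                          # skip type byte and cookie
    (length,) = struct.unpack_from(">I", payload, offset)
    raw = payload[offset + 4:offset + 4 + length]
    if len(raw) != length:
        raise ValueError("truncated kex_algorithms name-list")
    return raw.decode("ascii").split(",") if raw else []


def negotiate_kex(client_payload, server_payload):
    """First algorithm on the client's list that the server also lists, else None."""
    server = set(parse_kex_algorithms(server_payload))
    for algorithm in parse_kex_algorithms(client_payload):
        if algorithm in server:
            return algorithm
    return None  # no common DH group: the session cannot be negotiated


# Constructed sample payloads (assumed lists, not taken from any real client or host).
LEGACY_CLIENT = build_kexinit(["diffie-hellman-group1-sha1"])
MODERN_SERVER = build_kexinit(["curve25519-sha256", "diffie-hellman-group14-sha256"])
PERMISSIVE_SERVER = build_kexinit(
    ["curve25519-sha256", "diffie-hellman-group14-sha256", "diffie-hellman-group1-sha1"]
)

if __name__ == "__main__":
    print("legacy client vs modern server:    ", negotiate_kex(LEGACY_CLIENT, MODERN_SERVER))
    print("legacy client vs permissive server:", negotiate_kex(LEGACY_CLIENT, PERMISSIVE_SERVER))
```

The permanent user key pair never appears in this exchange, which is why a key-exchange mismatch fails before authentication is attempted.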

