| < PuTTY 0.60.8364 | Matthew Loar > Blog > December 2008 | Back Up > |
So yeah, testing. I had tested my gssapi-keyex support against Sun SSH. Testing against OpenSSH revealed some issues:
Group exchange was totally broken. Sun SSH doesn't appear to support group exchange.
The hash H was improperly computed if the server omitted the optional SSH_MSG_KEXGSS_HOSTKEY message. Sun SSH apparently sends this message.
Also, rekeying was broken.
Now I have tested all three kexes against both Sun SSH and OpenSSH, and tested that rekeying works.
You can find the updated version on the PuTTY page.
| < PuTTY 0.60.8364 | Matthew Loar > Blog > December 2008 | Back Up > |