Refined GEX testing against OpenSSH servers: when the fallback mechanism is suspected of being triggered, perform an additional test to obtain more accurate results.

2025-06-23 02:54:33 +02:00 · 2023-09-03 16:13:00 -04:00
parent 3f2fdbaa3d
commit 199e75f6cd
19 changed files with 100 additions and 104 deletions
--- a/test/docker/policies/policy_test13.txt
+++ b/test/docker/policies/policy_test13.txt
@ -23,7 +23,7 @@ hostkey_size_rsa-sha2-512 = 3072
 hostkey_size_ssh-rsa = 3072

 # Group exchange DH modulus sizes.
-dh_modulus_size_diffie-hellman-group-exchange-sha256 = 2048
+dh_modulus_size_diffie-hellman-group-exchange-sha256 = 4096

 # The host key types that must match exactly (order matters).
 host keys = rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519
--- a/test/docker/policies/policy_test14.txt
+++ b/test/docker/policies/policy_test14.txt
@ -23,7 +23,7 @@ hostkey_size_rsa-sha2-512 = 3072
 hostkey_size_ssh-rsa = 3072

 # Group exchange DH modulus sizes.
-dh_modulus_size_diffie-hellman-group-exchange-sha256 = 4096
+dh_modulus_size_diffie-hellman-group-exchange-sha256 = 8192

 # The host key types that must match exactly (order matters).
 host keys = rsa-sha2-512, rsa-sha2-256, ssh-rsa, ecdsa-sha2-nistp256, ssh-ed25519