From florian.wicke@hetzner.de Thu Feb 25 16:17:28 2016 Received: (at submit) by bugs.x2go.org; 25 Feb 2016 15:17:30 +0000 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on ymir.das-netzwerkteam.de X-Spam-Level: X-Spam-Status: No, score=0.8 required=3.0 tests=BAYES_50,URIBL_BLOCKED autolearn=ham version=3.3.2 Received: from localhost (localhost [127.0.0.1]) by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 7CF8C5DA97 for ; Thu, 25 Feb 2016 16:17:28 +0100 (CET) X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de Received: from ymir.das-netzwerkteam.de ([127.0.0.1]) by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uKUzuZJuYCT1 for ; Thu, 25 Feb 2016 16:17:22 +0100 (CET) X-Greylist: delayed 2305 seconds by postgrey-1.34 at ymir.das-netzwerkteam.de; Thu, 25 Feb 2016 16:17:22 CET Received: from mail.hetzner.company (mail.hetzner.company [213.133.106.242]) by ymir.das-netzwerkteam.de (Postfix) with ESMTPS id 6AE405DA82 for ; Thu, 25 Feb 2016 16:17:22 +0100 (CET) Received: from [78.46.134.130] (helo=[10.200.1.57]) by mail.hetzner.company with esmtpsa (TLSv1.2:DHE-RSA-AES256-SHA:256) (Exim 4.80) (envelope-from ) id 1aYx5N-0002GT-Uq for submit@bugs.x2go.org; Thu, 25 Feb 2016 15:40:10 +0100 To: submit@bugs.x2go.org From: Florian Wicke - Hetzner Online GmbH Subject: x2goclient sshd (for folder sharing) weak host key Message-ID: <56CF1213.9080407@hetzner.de> Date: Thu, 25 Feb 2016 15:39:15 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d" X-Authenticated-Sender: florian.wicke@hetzner.de This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d Content-Type: multipart/mixed; boundary="96D4BS79n5r399HUHlkTfhnE2CcMtOVRx" From: Florian Wicke - Hetzner Online GmbH To: submit@bugs.x2go.org Message-ID: <56CF1213.9080407@hetzner.de> Subject: x2goclient sshd (for folder sharing) weak host key --96D4BS79n5r399HUHlkTfhnE2CcMtOVRx Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Package: x2goclient The sshd (sshd.exe) spawned by x2goclient for things like the folder sharing is creating a DSA HostKey. Even if this sshd is only listening on localhost and is accessed through the ssh tunnel from the X2Go server this might lead to connections errors if the ssh_config of the server is configured to not allow connections to these weak (1024 bit) DSA HostKeys. I would advice increasing this to at least 2048 bit RSA host keys or even elliptic curve host keys if available. Best regards, Florian Wicke Hetzner Online GmbH Industriestr. 25 91710 Gunzenhausen Tel: +49 9831 505-187 Fax: +49 9831 505-387 florian.wicke@hetzner.de www.hetzner.de Registergericht Ansbach, HRB 6089 Gesch=C3=A4ftsf=C3=BChrer: Martin Hetzner --96D4BS79n5r399HUHlkTfhnE2CcMtOVRx-- --DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCgAGBQJWzxIVAAoJEAn0falXoNhDBKsIAIXIKJZtPa+3K4cL092aErfn OmmhG64U7E8n0IJzHKmTF6zdygFa4+rcNAUNgwHMnp/OO8HYL6NliySQuxGnKRqn uqkpvlUdM4oyVMpXHcEu+4IR4hjmUOPArDsZP+d4ReGblgTlaPyH8HmsyWqN4fLC cWEQtaoQfJum4OcyXVMLPNYpAcD9LYqN7KS8OXtNzCnzvr3fv5dtDjx2SMc67DI3 VIrZn0VDAGGisuQBknQghmQ0Cc4GmMyW4AqZ8b7Jpu+BXX6Qlm3ID1P7Niy5Q0Ql HDPyTo5wXKR8RYoigyMIBGXxJlnfyYcjSmZTm8Bn23TGF5ji2sTBEzghZ798vi4= =SAsh -----END PGP SIGNATURE----- --DAtn2Men3F7ADcJ4kiIHPiKc6EQvfef1d--