[Implemented] Improve SSH Diffie-Hellman KEX Options

Post your feature requests here
Post Reply
bwebb
Posts: 6
Joined: Fri Jul 02, 2021 6:37 pm

Fri Jul 02, 2021 6:44 pm

Currently it seems Unimus only supports Diffie-Hellman key exchange with 2048-bits maximum. While this is currently an acceptable minimum, many platforms like FortiOS are no longer supporting 2048-bit key exchange by default for their 'hardened' administrative configurations:

https://docs.fortinet.com/document/fort ... encryption

While all of the other key exchange mechanisms work with the hardened configuration, 4096-bit and 8192-bit encryption is not supported by Unimus currently.
Vik@Unimus
Posts: 198
Joined: Thu Aug 05, 2021 6:35 pm

Thu Mar 24, 2022 8:56 pm

We have a new Unimus version 2.2.3-Beta1 live now, which contains a new SSH library which comes with improvements to compatibility with newer and stricter algorithms and some other encountered limitations like when a device used some non-standard key sizes for key exchange algorithms. You can find more information in our Beta branch thread

viewtopic.php?f=4&t=1454

and download a new version below

https://unimus.net/download-dev

If you get a chance, give it a try and let us know if it worked as expected, or if you encounter any other issue.
Post Reply