Merge branch 'id-revert-narrowing-kex-algos' into 'main'

Return support for diffie-hellman-group14-sha1

See merge request gitlab-org/gitlab-shell!644

2 files changed, 2 insertions, 1 deletions

diff --git a/config.yml.example b/config.yml.example
index 1fdb6f9..0e75d75 100644
--- a/config.yml.example
+++ b/config.yml.example
@@ -89,7 +89,7 @@ sshd:
   # Specifies the available message authentication code algorithms that are used for protecting data integrity
   macs: [hmac-sha2-256-etm@openssh.com, hmac-sha2-512-etm@openssh.com, hmac-sha2-256, hmac-sha2-512, hmac-sha1]
   # Specifies the available Key Exchange algorithms
-  kex_algorithms: [curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256]
+  kex_algorithms: [curve25519-sha256, curve25519-sha256@libssh.org, ecdh-sha2-nistp256, ecdh-sha2-nistp384, ecdh-sha2-nistp521, diffie-hellman-group14-sha256, diffie-hellman-group14-sha1]
   # Specified the ciphers allowed
   ciphers: [aes128-gcm@openssh.com, chacha20-poly1305@openssh.com, aes256-gcm@openssh.com, aes128-ctr, aes192-ctr,aes256-ctr]
   # SSH host key files.
diff --git a/internal/sshd/server_config.go b/internal/sshd/server_config.go
index bb7886c..7fb73dc 100644
--- a/internal/sshd/server_config.go
+++ b/internal/sshd/server_config.go
@@ -32,6 +32,7 @@ var (
 		"ecdh-sha2-nistp384",
 		"ecdh-sha2-nistp521",
 		"diffie-hellman-group14-sha256",
+		"diffie-hellman-group14-sha1",
 	}
 )