[Twisted-Python] conch bytes/str traceback when /etc/ssh/moduli is not present

Werner Thie werner at thieprojects.ch
Fri Mar 5 17:57:02 MST 2021


On 3/5/21 13:54, Glyph wrote:

>
>> On Mar 5, 2021, at 3:24 AM, Colin Watson <cjwatson at debian.org> wrote:
>>
>> On Thu, Mar 04, 2021 at 04:16:59PM -0800, Glyph wrote:
>>> There are a bunch of tickets you could file here:
>>>
>>> Fixing the search path to comport with modern standards
>>> Automatically generating a new one in a writable location if none exists
>>> Better handle the case where it really truly doesn't exist and can't be generated (read-only filesystem or no readily discoverable, secure read/write locations)
>>>
>>> and in fact probably all of these are valid :)
>> Probably not the second.  Generating a new set of suitable DH moduli
>> takes a while (IIRC hours) - it's not something you'd want to do as part
>> of any kind of interactive process.
> For what it's worth, `ssh-keygen -G` on my laptop took 2 and a half minutes, `ssh-keygen -T` took 5.  It's slow, maybe even too slow for interactive use, but not quite "hours".

Just reporting back that conch is now working for me, it was entirely my
fault configuring the server. There is quite a mixture of bytes and
strings to configure, now the mix is right and sessions come up ok no
problem.

Mahalo, Werner



More information about the Twisted-Python mailing list