In version 1 of the SSH protocol, it was possible to set the ephemeral session key size with the ServerKeyBits setting in sshd_config. Is there a way to do this for version 2 of the ssh protocol?
In the SSH protocol there are three encryption keys used:
- The server key
- The (intermediary) ephemeral session key
- The final symmetric cipher key
The intermediary ephemeral session key is an asymmetric cipher key created only for that session. It is created so that when the final symmetric key is passed, it doesn't have to be encrypted with the server key. This is so that if the server key is ever compromised, you can't use it to recover the end symmetric cipher key from previously "recorded" sessions. This is forward secrecy.
The size of the server key is set by the user when the user creates it. The size of the end symmetric cipher is preset by RFC and is inherent in the symmetric cipher that is chosen. The intermediary key, the ephemeral session key, I don't know how to set the size of that key. In version 1 of she SSH protocol you could set it with the ServerKeyBits setting. What is the way to set this in version 2 of the protocol?
It appears that the client specifies the minimum, preferred, and maximum modulus size when diffie-hellman-group-exchange-sha256 is used as the key exchange method. Does this mean removing smaller bit sizes from the server moduli file (as recommended here) will actually prevent small ephemeral key sizes from being used if the client asks for it, or will the server simply used one of its built-in fixed moduli if a broken client only wants a really small one?