Debugging “DH GEX group out of range” Error in SSH: Comprehensive Fixes for OpenSSH Compatibility Issues

When the "DH GEX group out of range" error appears while establishing an SSH connection, it typically indicates a mismatch between the client's and server's Diffie-Hellman Group Exchange (DH-GEX) parameters. The verbose output shows the negotiation failing at the key exchange phase, before authentication begins:

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<7680<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
ssh_dispatch_run_fatal: Connection to -- port 22: DH GEX group out of range

The error occurs when:

  • Client requests DH group sizes (2048-8192 bits in this case)
  • Server responds with a group outside this range
  • OpenSSH versions have different default group size requirements

Edit /etc/ssh/sshd_config on the server:

# Restrict key exchange to DH group exchange with SHA-256 and pin the cipher and MAC lists
KexAlgorithms diffie-hellman-group-exchange-sha256
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
MACs hmac-sha2-512,hmac-sha2-256

Restart SSH service:

sudo systemctl restart sshd

For temporary connections, force specific parameters:

ssh -oKexAlgorithms=diffie-hellman-group14-sha256 \
    -oCiphers=aes256-ctr \
    -oMACs=hmac-sha2-512 \
    user@host

Add to ~/.ssh/config:

Host problematic_server
    HostName your.server.com
    KexAlgorithms diffie-hellman-group14-sha256
    Ciphers aes256-ctr,aes192-ctr,aes128-ctr
    MACs hmac-sha2-512,hmac-sha2-256

The conflict often appears between:

  • OpenSSH 7.x clients (enforcing stronger defaults)
  • OpenSSH 6.x servers (older parameter sets)

To check supported algorithms:

ssh -Q kex
ssh -Q cipher
ssh -Q mac

When attempting to SSH into a server, you might encounter the cryptic error message: ssh_dispatch_run_fatal: Connection to [host] port 22: DH GEX group out of range. This occurs during the key exchange phase of the SSH handshake, specifically when using the Diffie-Hellman Group Exchange (DH GEX) method.

The error suggests a mismatch in the allowed group sizes between client and server during the DH key exchange. The debug output shows:

SSH2_MSG_KEX_DH_GEX_REQUEST(2048<7680<8192) sent
got SSH2_MSG_KEX_DH_GEX_GROUP
ssh_dispatch_run_fatal: Connection to -- port 22: DH GEX group out of range

This indicates the client requested a DH group between 2048-8192 bits (with preferred size 7680), but the server returned a group that didn't meet these parameters.
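To make the range check concrete, here is an added Python model of the negotiation (written for this note, not taken from OpenSSH): the client's min<preferred<max request is parsed from the debug line above, a simplified server picks a group from the sizes it has available, and the client applies the range test that produces the error. The server's behaviour when it holds no group inside the requested range, and the lists of group sizes, are constructed assumptions for the example.

```python
import re

# Pattern of the debug1 line quoted above: min<preferred<max in bits.
GEX_REQUEST_RE = re.compile(r"SSH2_MSG_KEX_DH_GEX_REQUEST\((\d+)<(\d+)<(\d+)\)")

def parse_gex_request(debug_line):
    """Return (min_bits, preferred_bits, max_bits) from an ssh -v GEX_REQUEST line."""
    m = GEX_REQUEST_RE.search(debug_line)
    if m is None:
        raise ValueError("not a DH GEX request line: %r" % (debug_line,))
    return tuple(int(x) for x in m.groups())

def server_choose_group(min_bits, preferred_bits, max_bits, available_bits):
    """Pick the group size the server answers with.

    Modelled on OpenSSH's moduli selection: among sizes inside
    [min_bits, max_bits], take the smallest one not below preferred_bits,
    otherwise the largest one. ASSUMPTION for this example: a server with
    no in-range group answers with its largest group instead of closing
    the connection; that answer is what trips the client check below.
    """
    in_range = sorted(b for b in available_bits if min_bits <= b <= max_bits)
    if not in_range:
        return max(available_bits)
    at_least = [b for b in in_range if b >= preferred_bits]
    return at_least[0] if at_least else in_range[-1]

def client_check_group(min_bits, max_bits, group_bits):
    """The client-side range test behind 'DH GEX group out of range'."""
    if not min_bits <= group_bits <= max_bits:
        raise ValueError("DH GEX group out of range: got %d bits, wanted %d-%d"
                         % (group_bits, min_bits, max_bits))
    return group_bits

def negotiate(debug_line, server_group_sizes):
    """Run one GEX round; return the agreed size or the client's error text."""
    lo, want, hi = parse_gex_request(debug_line)
    offered = server_choose_group(lo, want, hi, server_group_sizes)
    try:
        return client_check_group(lo, hi, offered)
    except ValueError as exc:
        return str(exc)

# Constructed inputs: the request from the debug output above and two servers.
REQUEST_LINE = "debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<7680<8192) sent"
MODERN_SERVER = [2048, 3072, 4096, 6144, 7680, 8192]
LEGACY_SERVER = [1024, 1536]  # nothing at or above the client's 2048-bit floor
```

Running `negotiate(REQUEST_LINE, LEGACY_SERVER)` reproduces the error text, while the modern server settles on the 7680-bit group the client preferred.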

First, examine the server's SSH configuration (/etc/ssh/sshd_config) for these relevant parameters:

# Check for DH-related settings
grep -i "dh" /etc/ssh/sshd_config

Modern OpenSSH versions often disable weaker DH groups by default. The server might be offering groups that are either too small or too large for what the client expects.

For immediate connection, try forcing a different key exchange algorithm:

ssh -oKexAlgorithms=diffie-hellman-group14-sha256 user@host

Alternatively, stay with the group-exchange method but pin it explicitly (this does not set the group sizes themselves; note that GSSAPIKexAlgorithms is only honoured by OpenSSH builds carrying the GSSAPI key-exchange patch, such as those shipped by Debian and Red Hat, and stock OpenSSH rejects it as an unknown option):

ssh -oGSSAPIKexAlgorithms=gss-gex-sha1- -oKexAlgorithms=diffie-hellman-group-exchange-sha256 user@host

To make this persistent, add these lines to your client's SSH config (~/.ssh/config):

Host problematic-server
    HostName your.server.com
    KexAlgorithms diffie-hellman-group-exchange-sha256
    GSSAPIKexAlgorithms gss-gex-sha1-

Ensure both client and server are running compatible OpenSSH versions. On Ubuntu/Debian:

# Client and server update
sudo apt update
sudo apt upgrade openssh-client openssh-server

While forcing algorithms can solve the connection issue, be mindful of the security implications: never work around the error by lowering the minimum group size. DH groups smaller than 2048 bits are considered insecure, and 2048-4096 bits is the sweet spot for most use cases.

For more detailed diagnostics, use higher verbosity levels:

ssh -vvv user@host

This will show the exact key exchange algorithms being negotiated and help identify where the handshake fails.

After making changes, verify the connection works with your preferred parameters:

ssh -oKexAlgorithms=diffie-hellman-group-exchange-sha256 \
    -oGSSAPIKexAlgorithms=gss-gex-sha1- \
    -vvv user@host