After upgrade to RHEL 6.9 or RHEL 7.4: LDAP authentication no longer works due to the error "SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message"
Issue
- ssh logins function only via public key authentication; LDAP authenticated login no longer works, although LDAP groups are listed properly.
- After upgrade to RHEL 6.9/RHEL 7.4, LDAP authentication and sudo no longer work and the following error is shown in /var/log/messages:

Aug 27 18:22:39 testserver sssd[ ssd[be[LDAP]][879]: Could not start TLS encryption. TLS error -12173:SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.
Environment
- Red Hat Enterprise Linux (RHEL) 6.9
- Red Hat Enterprise Linux (RHEL) 7.4