diff --git a/include/libssh/dh.h b/include/libssh/dh.h
index 0d6720ee..02c99760 100644
--- a/include/libssh/dh.h
+++ b/include/libssh/dh.h
@@ -67,5 +67,6 @@ int ssh_client_dh_init(ssh_session session);
 void ssh_server_dh_init(ssh_session session);
 #endif /* WITH_SERVER */
 int ssh_server_dh_process_init(ssh_session session, ssh_buffer packet);
+int ssh_fallback_group(uint32_t pmax, bignum *p, bignum *g);
 
 #endif /* DH_H_ */
diff --git a/src/dh-gex.c b/src/dh-gex.c
index 7c5eb94e..1a4c3395 100644
--- a/src/dh-gex.c
+++ b/src/dh-gex.c
@@ -479,7 +479,7 @@ static int ssh_retrieve_dhgroup(uint32_t pmin,
         SSH_LOG(SSH_LOG_WARNING,
                 "Unable to open moduli file: %s",
                 strerror(errno));
-        return SSH_ERROR;
+        return ssh_fallback_group(pmax, p, g);
     }
 
     *size = 0;
diff --git a/src/dh.c b/src/dh.c
index bf52b498..e6c2cfd9 100644
--- a/src/dh.c
+++ b/src/dh.c
@@ -555,6 +555,33 @@ static SSH_PACKET_CALLBACK(ssh_packet_server_dh_init){
     return SSH_PACKET_USED;
 }
 
+/** @internal
+ * @brief Choose a fallback group for the DH Group exchange if the
+ * moduli file is not readable
+ * @param[in] pmax maximum requestsd group size
+ * @param[out] modulus
+ * @param[out] generator
+ * @returns SSH_OK on success, SSH_ERROR otherwise
+ */
+int ssh_fallback_group(uint32_t pmax,
+                       bignum *modulus,
+                       bignum *generator)
+{
+    *modulus = NULL;
+    *generator = NULL;
+
+    if (pmax < 3072) {
+        *modulus = ssh_dh_group14;
+    } else if (pmax < 6144) {
+        *modulus = ssh_dh_group16;
+    } else {
+        *modulus = ssh_dh_group18;
+    }
+    *generator = ssh_dh_generator;
+
+    return SSH_OK;
+}
+
 #endif /* WITH_SERVER */
 
 /**