[Bug 1580] New: [PATCH] HMAC should use sha1 instead of md5 by default
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Mon Mar 30 16:40:39 EST 2009
https://bugzilla.mindrot.org/show_bug.cgi?id=1580
Summary: [PATCH] HMAC should use sha1 instead of md5 by default
Product: Portable OpenSSH
Version: 5.2p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: daniel.subs at internode.on.net
Created an attachment (id=1619)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1619)
openssh-hmac-sha1-prefered-cvs.patch
Both ssh and sshd should use sha1 in preference to md5. This is
currently not the case. It would be nicer for sha1 to be the default,
even if it just stops the audit people from saying 'bad bad - using
that flawed md5'.
I acknowledge that the control is totally in the ssh client end however
reordering both isn't that hard.
patch attached performs this function.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list