[Bug 3375] SHA1 is used as a proof of possession for the RSA key

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jan 5 18:41:17 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3375

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #3559|0                           |1
        is obsolete|                            |

--- Comment #6 from Damien Miller <djm at mindrot.org> ---
Created attachment 3561
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3561&action=edit
tweaked diff

IMO it's important to retain the current algorithm selection logic for
RSA keys, because otherwise the client will reject them for having the
wrong signature algorithm.

This patch does this and tweaks a few other things.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list