[Bug 3375] SHA1 is used as a proof of possession for the RSA key

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jan 5 19:14:44 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3375

--- Comment #8 from Dmitry Belyavskiy <dbelyavs at redhat.com> ---
Thanks!

I need to test it, but your code looks great.

The problem is, when we are in FIPS mode, we shouldn't use sha1 for
signature (but still are allowed to use for the verification).

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list