[Bug 3493] New: ssh-keyscan -D has no option to disable SHA-1 digest

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Oct 31 22:27:48 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3493

            Bug ID: 3493
           Summary: ssh-keyscan -D has no option to disable SHA-1 digest
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh-keyscan
          Assignee: unassigned-bugs at mindrot.org
          Reporter: pemensik at redhat.com

I would like to omit SHA1 digest from any records generated for SSHFP
records. I want only more secure digest. But even in the latest version
is always prints both digest types. The only way out is grepping out
unwanted digest, which is not convenient.

I would like to have more simple way to select only SHA256 digest or
disable SHA1.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list