[PATCH 1/1] document all hash algorithms available for key fingerprint display

Jakub Jelen jjelen at redhat.com
Thu Aug 6 18:54:39 AEST 2015


I filled bug [1] on the same topic yesterday with different approach. I 
don't think the intention was to provide all hashing algorithms for 
fingerprints, but to slowly obsolete md5, replacing by sha256.

But the final decision and clarification what was the real intention 
depends again on developers.

On 08/05/2015 10:47 PM, Christian Hesse wrote:
> From: Christian Hesse <mail at eworm.de>
>
> Signed-off-by: Christian Hesse <mail at eworm.de>
> ---
>   ssh_config.5 | 8 ++++++--
>   1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/ssh_config.5 b/ssh_config.5
> index 5b0975f..28f7714 100644
> --- a/ssh_config.5
> +++ b/ssh_config.5
> @@ -649,9 +649,13 @@ The default is
>   .It Cm FingerprintHash
>   Specifies the hash algorithm used when displaying key fingerprints.
>   Valid options are:
> -.Dq md5
> +.Dq md5 ,
> +.Dq ripemd160 ,
> +.Dq sha1 ,
> +.Dq sha256 ,
> +.Dq sha384
>   and
> -.Dq sha256 .
> +.Dq sha512 .
>   The default is
>   .Dq sha256 .
>   .It Cm ForwardAgent

-- 
Jakub Jelen
Security Technologies
Red Hat



More information about the openssh-unix-dev mailing list