Allow SHA1 deprecation for rsa-sha
Nuno Gonçalves
nunojpg at gmail.com
Thu Apr 6 00:41:23 AEST 2017
On Wed, Apr 5, 2017 at 10:21 AM, Jakub Jelen <jjelen at redhat.com> wrote:
> Your proposal sounds reasonable, though not sure if this should all go into
> this single configuration option, or we should use different talking about
> the hash algorithms such as PubkeySignatureHash, since the existing list of
> algorithms (PubkeyAcceptedKeyTypes) is long enough already.
Actually I tried exactly as you suggested 1 month ago [1], but I'm not
sure if that is the best way forward now after comments from Douglas,
and so I was proposing to just extend the same option.
Anyway I'll wait for comments for 1 week and then eventually provide
patchs for both options as they are quite trivial in any case.
Thanks,
Nuno
[1] https://github.com/nunojpg/openssh-portable/commit/1739aceb34c0eb4a9b363ff2515925e093d7ddcc
More information about the openssh-unix-dev
mailing list