Allow SHA1 deprecation for rsa-sha

Nuno Gonçalves nunojpg at
Thu Apr 6 00:41:23 AEST 2017

On Wed, Apr 5, 2017 at 10:21 AM, Jakub Jelen <jjelen at> wrote:
> Your proposal sounds reasonable, though not sure if this should all go into
> this single configuration option, or we should use different talking about
> the hash algorithms such as PubkeySignatureHash, since the existing list of
> algorithms (PubkeyAcceptedKeyTypes) is long enough already.

Actually I tried exactly as you suggested 1 month ago [1], but I'm not
sure if that is the best way forward now after comments from Douglas,
and so I was proposing to just extend the same option.

Anyway I'll wait for comments  for 1 week and then eventually provide
patchs for both options as they are quite trivial in any case.



More information about the openssh-unix-dev mailing list