SHA-1 practical recommendations?
Daniel Pocock
daniel at pocock.pro
Thu Mar 11 06:16:27 AEDT 2021
On 10/03/2021 20:05, Aaron Jones wrote:
> On 10/03/2021 15:55, Daniel Pocock wrote:
>> Does the command for checking ssh-rsa distinguish between SHA-1
>> (insecure) and SHA-2?
>
> The older ssh-rsa algorithm *only* uses SHA-1. The SHA-2 versions are
> rsa-sha2-256 and rsa-sha2-512. If connecting to a server succeeds when
> the former is excluded, the server supports SHA-2. If it does not, it
> only supports SHA-1.
>
> This also has nothing to do with the MACs setting; HMAC-SHA1 is still
> secure (as is HMAC-MD5).
Thanks for the fast reply
This is one of the search results for hardening that suggests tweaking
MACs, this is the reason I wanted to seek clarification:
https://access.redhat.com/discussions/3121481
What about KexAlgorithms - should people change this either on client,
server or both to remove entries like
diffie-hellman-group-exchange-sha1, and diffie-hellman-group14-sha1 ?
Is there any SHA1 value cached in known_hosts or does that only contain
full public keys?
Regards,
Daniel
More information about the openssh-unix-dev
mailing list