Enforcing sha2 algorithm in ssh-keygen.c
dbelyavs at redhat.com
Fri Mar 3 21:04:56 AEDT 2023
Could you please take a look?
On Fri, Jan 20, 2023 at 12:55 PM Dmitry Belyavskiy <dbelyavs at redhat.com> wrote:
> Dear colleagues,
> ssh-keygen uses SHA1 algorithm (default) when verifying that the key is usable. It causes problems on recent systems where SHA1 is disabled for use with signatures (at least, RHEL 9+).
> The proposed patch enforces using a sha2 algorithm for key verification.
> Dmitry Belyavskiy
More information about the openssh-unix-dev