Enforcing sha2 algorithm in ssh-keygen.c
jmknoble at pobox.com
Sat Mar 4 04:39:49 AEDT 2023
@Dmitry, you may get more traction by reporting this issue (with patch) at https://www.openssh.com/report.html .
It can also help other folks who may be encountering the same issue.
> On Mar 3, 2023, at 02:10, Dmitry Belyavskiy <dbelyavs at redhat.com> wrote:
> Dear colleagues,
> Could you please take a look?
>> On Fri, Jan 20, 2023 at 12:55 PM Dmitry Belyavskiy <dbelyavs at redhat.com> wrote:
>> Dear colleagues,
>> ssh-keygen uses SHA1 algorithm (default) when verifying that the key is usable. It causes problems on recent systems where SHA1 is disabled for use with signatures (at least, RHEL 9+).
>> The proposed patch enforces using a sha2 algorithm for key verification.
>> Dmitry Belyavskiy
> Dmitry Belyavskiy
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
More information about the openssh-unix-dev