Enforcing sha2 algorithm in ssh-keygen.c
Jim Knoble
jmknoble at pobox.com
Sat Mar 4 04:39:49 AEDT 2023
@Dmitry, you may get more traction by reporting this issue (with patch) at https://www.openssh.com/report.html .
It can also help other folks who may be encountering the same issue.
--
jmk
> On Mar 3, 2023, at 02:10, Dmitry Belyavskiy <dbelyavs at redhat.com> wrote:
>
> Dear colleagues,
>
> Could you please take a look?
>
>> On Fri, Jan 20, 2023 at 12:55 PM Dmitry Belyavskiy <dbelyavs at redhat.com> wrote:
>>
>> Dear colleagues,
>>
>> ssh-keygen uses SHA1 algorithm (default) when verifying that the key is usable. It causes problems on recent systems where SHA1 is disabled for use with signatures (at least, RHEL 9+).
>>
>> The proposed patch enforces using a sha2 algorithm for key verification.
>>
>> --
>> Dmitry Belyavskiy
>
>
>
> --
> Dmitry Belyavskiy
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list