Hi all, I put some comments on the OpenSSH mailing list[1] about UpdateHostKeys and other SHA-1 related changes.
The OpenSSH release notes simply tell people to update OpenSSH. In practice, people who use distributions like Fedora, RHEL and CentOS are going to wait for a package. Security conscious users who can't completely disable ssh may use the MACs parameter in ssh_config, sshd_config or both. What does it mean from a Fedora perspective? For example: - did anybody already write any wiki page, FAQ or guide for Fedora users to navigate the SHA-1 issue in SSH? - will Fedora be more proactive than upstream in disabling SHA-1 or will Fedora simply follow the timeline from upstream? Regards, Daniel 1. https://lists.mindrot.org/pipermail/openssh-unix-dev/2021-March/039194.html _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
