https://bugzilla.mindrot.org/show_bug.cgi?id=2568
Jakub Jelen <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #13 from Jakub Jelen <[email protected]> --- This is just a top of the iceberg. There are two issues with ssh-agent and SHA2 signatures. The agent either * Does not support SHA2 and fails, which is sane behavior (usability concerns) * Does not support SHA2, but provides SHA1 signature (silently) and it is accepted by both client and server as I reported as a bug #2799 (security concerns) There is ssh-agent extension negotiation protocol, but the problem is that it is not understood by most of the agents so implementation would need to take care of these cases too. -- You are receiving this mail because: You are watching the reporter of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
