[Bug 3322] New: Switch SSHFP default digest to SHA256

bugzilla-daemon Fri, 18 Jun 2021 09:12:49 -0700

https://bugzilla.mindrot.org/show_bug.cgi?id=3322


            Bug ID: 3322
           Summary: Switch SSHFP default digest to SHA256
           Product: Portable OpenSSH
           Version: 8.6p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh
          Assignee: [email protected]
          Reporter: [email protected]

OpenSSH uses SHA1 as a default digest for SSHFP records for RSA/DSA
algorithms.

RFC 6594 permits using much more secure SHA256 algorithm with SSHFP
records. SHA256 is already default digest for Ed25519 and ECDSA SSHFP
records.

The straightforward PR:

https://github.com/openssh/openssh-portable/pull/259

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3322] New: Switch SSHFP default digest to SHA256

Reply via email to