https://bugzilla.mindrot.org/show_bug.cgi?id=3375
--- Comment #2 from Dmitry Belyavskiy <[email protected]> --- When we have, say, an ECDSA key confirmed by fingerprint and RSA key to be confirmed, we have EC-based KEX, so the KEX-based prevention of using SHA1 (https://github.com/openssh/openssh-portable/blob/7a7c69d8b4022b1e5c0afb169c416af8ce70f3e8/serverloop.c#L725-L730) will not work and SHA1 will be used for the proof of posession of the RSA key. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
