https://bugzilla.mindrot.org/show_bug.cgi?id=3375
Jakub Jelen <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Jakub Jelen <[email protected]> --- The condition `kexsigtype == KEY_RSA` in the above link will work only if the rsa-sha2-* hostkey type was negotiated during key exchange and we are sending a proof of possession of another RSA key. In any other case, for example ECDSA or Ed25519 hostkey is negotiated, the above condition will evaluate always to `false` and RSA with SHA1 will be used regardless the client capabilities. I think the above condition should be rewritten to check not against the negotiated hostkey type, but if the client supports the RSA with SHA2 (regardless of the negotiated key type). But I did not have time to look better into the implementation yet. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
