[Bug 3546] New: Use SHA2 in ssh-keygen key verification

bugzilla-daemon Fri, 03 Mar 2023 09:52:52 -0800

https://bugzilla.mindrot.org/show_bug.cgi?id=3546


            Bug ID: 3546
           Summary: Use SHA2 in ssh-keygen key verification
           Product: Portable OpenSSH
           Version: 8.7p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-keygen
          Assignee: [email protected]
          Reporter: [email protected]

Created attachment 3681
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3681&action=edit
Proposed fix

ssh-keygen uses SHA1 algorithm (default) when verifying that the key is
usable. It causes problems on recent systems where SHA1 is disabled for
use with signatures (at least, RHEL 9+).

The proposed patch enforces using a sha2 algorithm for key
verification.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 3546] New: Use SHA2 in ssh-keygen key verification

Reply via email to