I filled bug [1] on the same topic yesterday with different approach. I
don't think the intention was to provide all hashing algorithms for
fingerprints, but to slowly obsolete md5, replacing by sha256.
But the final decision and clarification what was the real intention
depends again on developers.
On 08/05/2015 10:47 PM, Christian Hesse wrote:
From: Christian Hesse <mail@xxxxxxxx>
Signed-off-by: Christian Hesse <mail@xxxxxxxx>
---
ssh_config.5 | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/ssh_config.5 b/ssh_config.5
index 5b0975f..28f7714 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -649,9 +649,13 @@ The default is
.It Cm FingerprintHash
Specifies the hash algorithm used when displaying key fingerprints.
Valid options are:
-.Dq md5
+.Dq md5 ,
+.Dq ripemd160 ,
+.Dq sha1 ,
+.Dq sha256 ,
+.Dq sha384
and
-.Dq sha256 .
+.Dq sha512 .
The default is
.Dq sha256 .
.It Cm ForwardAgent
--
Jakub Jelen
Security Technologies
Red Hat
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev