On 02/12/2017 03:46 PM, Nuno Gonçalves wrote:
On 1/30/2017 3:58 AM, Jakub Jelen wrote:
This is part of deprecation SHA1 for signatures, which were hardcoded into the core RFCs. The different hashes were introduced in OpenSSH 7.2 [1] and are negotiated using the protocol extension. I
don't think there are configuration options to control this behavior, but the new algorithms have higher priority for new OpenSSH versions.
[1] http://www.openssh.com/txt/release-7.2
Regards,
In that case this is converted to a bug report: Deprecation of SHA1 is
not being enforced since 7.4p1.
Hello.
Thank you for wide investigation. I filled a bug #2680 [1] to get it
more attention. This is something we would really like to see fixed and
the patch passed probably unseen by the developers.
Damien, Darren, can we get it fixed?
Thanks,
--
Jakub Jelen
Software Engineer
Security Technologies
Red Hat
[1] https://bugzilla.mindrot.org/show_bug.cgi?id=2680
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
