Re: Can we disable diffie-hellman-group14-sha1 by default?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Also, are DH groups sent by server signed in addition to server's
supported algorithms?

On Sun, Jan 20, 2019 at 2:12 AM Yegor Ievlev <koops1997@xxxxxxxxx> wrote:
>
> e.g. can we make it throw warnings etc. rsa-sha2-256 and rsa-sha2-512
> are fine, they use PSS.
>
> On Sun, Jan 20, 2019 at 1:55 AM Yegor Ievlev <koops1997@xxxxxxxxx> wrote:
> >
> > Also can we do anything with ssh-rsa? It uses both SHA-1 and
> > deprecated PKCS#1 padding. If it's used to sign certificates, there's
> > no additional protection of SHA-2 hashing before SHA-1 signature, it
> > just signs the raw certificate.
> >
> > On Sat, Jan 19, 2019 at 11:32 PM Yegor Ievlev <koops1997@xxxxxxxxx> wrote:
> > >
> > > I'm not sure if collision resistance is required for DH key
> > > derivation, but generally, SHA-1 is on its way out. If it's possible
> > > (if there's not a very large percentage of servers that do not support
> > > anything newer), it should be disabled.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux