Re: Enforcing sha2 algorithm in ssh-keygen.c

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Dear Jim,

I created a bug:
https://bugzilla.mindrot.org/show_bug.cgi?id=3546

On Fri, Mar 3, 2023 at 6:42 PM Jim Knoble <jmknoble@xxxxxxxxx> wrote:
>
> @Dmitry, you may get more traction by reporting this issue (with patch) at https://www.openssh.com/report.html .
>
> It can also help other folks who may be encountering the same issue.
>
> --
> jmk
>
> > On Mar 3, 2023, at 02:10, Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> wrote:
> >
> > Dear colleagues,
> >
> > Could you please take a look?
> >
> >> On Fri, Jan 20, 2023 at 12:55 PM Dmitry Belyavskiy <dbelyavs@xxxxxxxxxx> wrote:
> >>
> >> Dear colleagues,
> >>
> >> ssh-keygen uses SHA1 algorithm (default) when verifying that the key is usable. It causes problems on recent systems where SHA1 is disabled for use with signatures (at least, RHEL 9+).
> >>
> >> The proposed patch enforces using a sha2 algorithm for key verification.
> >>
> >> --
> >> Dmitry Belyavskiy
> >
> >
> >
> > --
> > Dmitry Belyavskiy
> >
> > _______________________________________________
> > openssh-unix-dev mailing list
> > openssh-unix-dev@xxxxxxxxxxx
> > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



-- 
Dmitry Belyavskiy

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux