Learn More
Resend Email
7
iamrp
5y

OpenSSH has announced plans to drop support for it's SHA-1 authentication method.

According to the report of ZDNet : The OpenSSH team currently considered SHA-1 hashing algorithm insecure (broken in real-world attack in February 2017 when Google cryptographers disclosed SHAttered attack which could make two different files appear as they had the same SHA-1 file signature). The OpenSSH project will be disabling the 'ssh-rsa' (which uses SHA-1) mode by default in a future release, they also plan to enable the 'UpdateHostKeys' feature by default which allow servers to automatically migrate from the old 'ssh-rsa' mode to better authentication algorithms.

random

developers

privacy

security
Favorite
Ranter
Comments
  • 5
    5y
    Still having sha1 as default is really a shame. They should skip straight to sha3.
  • 1
    5y
    Wait what? What does the ssh-rsa HostKeyAlgorithm have to do with using sha-1 as MAC?
    You can simply disable the latter while still using ssh-rsa.

    Or is sha-1 used somewhere inside ssh-rsa?
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment