Dear colleagues,
OpenSSH uses SHA1 without any alternate options for hostname hashing (looks
like this is the last place where an alternate option for SHA1 is not
available). SHA1 HMAC is considered safe enough for now, but it may change
so it's definitely worth migrating to more safe algorithms (SHA2?).
I'd like to discuss possible options of such migration.
Many thanks!
--
Dmitry Belyavskiy
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
OpenSSH uses SHA1 without any alternate options for hostname hashing (looks
like this is the last place where an alternate option for SHA1 is not
available). SHA1 HMAC is considered safe enough for now, but it may change
so it's definitely worth migrating to more safe algorithms (SHA2?).
I'd like to discuss possible options of such migration.
Many thanks!
--
Dmitry Belyavskiy
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev