no_spam_98 at yahoo.com
2013-May-23 20:03 UTC
Support for "ssh-rsa-sha256" and "ssh-dss-sha256" ?
I completely support this request. ?My organization is interested in supporting these public key algorithms to comply with NIST SP 800-131A too. Jeff, it is my understanding that through RFC4419, OpenSSH can be support the Key Agreement Using Diffie-Hellman and MQV guidelines in SP 800-131A using the "diffie-hellman-group-exchange-sha256" method. ?Is that correct? Thanks.
On Thu, 23 May 2013, no_spam_98 at yahoo.com wrote:> Jeff, it is my understanding that through RFC4419, OpenSSH can be > support the Key Agreement Using Diffie-Hellman and MQV guidelines in > SP 800-131A using the "diffie-hellman-group-exchange-sha256" method. > Is that correct?I think any of the ECDH methods would fit the bill too.
Maybe Matching Threads
- Weak DH primes and openssh
- Can we disable diffie-hellman-group-exchange-sha1 by default?
- Can we disable diffie-hellman-group-exchange-sha1 by default?
- [Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
- Can we disable diffie-hellman-group-exchange-sha1 by default?