bugzilla-daemon at mindrot.org
2023-Mar-03 17:52 UTC
[Bug 3546] New: Use SHA2 in ssh-keygen key verification
https://bugzilla.mindrot.org/show_bug.cgi?id=3546
Bug ID: 3546
Summary: Use SHA2 in ssh-keygen key verification
Product: Portable OpenSSH
Version: 8.7p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh-keygen
Assignee: unassigned-bugs at mindrot.org
Reporter: dbelyavs at redhat.com
Created attachment 3681
--> https://bugzilla.mindrot.org/attachment.cgi?id=3681&action=edit
Proposed fix
ssh-keygen uses the SHA1 algorithm (default) when verifying that the key is
usable. It causes problems on recent systems where SHA1 is disabled for
use with signatures (at least, RHEL 9+).
The proposed patch enforces using a SHA2 algorithm for key
verification.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2023-Mar-08 00:07 UTC
[Bug 3546] Use SHA2 in ssh-keygen key verification
https://bugzilla.mindrot.org/show_bug.cgi?id=3546
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Blocks|                            |3533
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Similar fix applied. Will be in OpenSSH 9.3, due soon.
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=3533
[Bug 3533] tracking bug for openssh-9.3
bugzilla-daemon at mindrot.org
2023-Mar-17 02:43 UTC
[Bug 3546] Use SHA2 in ssh-keygen key verification
https://bugzilla.mindrot.org/show_bug.cgi?id=3546
Damien Miller <djm at mindrot.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
OpenSSH 9.3 has been released. Close resolved bugs.