search for: oskarcz

Displaying 1 result from an estimated 1 matches for "oskarcz".

Did you mean: oskar
2012 Aug 31
9
[Bug 2040] New: Downgrade attack vulnerability when checking SSHFP records
...ST be rejected rather than testing the alternative SHA-1 fingerprint. The current version of SSH does not conform this requirement. Attached patch fixes this issue. It can be tested using this command: $ ssh -vv -o HostKeyAlgorithms=ecdsa-sha2-nistp521 -o VerifyHostKeyDNS=yes sshfp-test-downgrade.oskarcz.net (The SSHFP records with SHA-256 digests for hostname sshfp-test-downgrade.oskarcz.net are intentionally altered.) -- You are receiving this mail because: You are watching the assignee of the bug.