Contributed by rueda on from the Really Senile Algorthms dept.
[…] RSA/SHA1, a.k.a the "ssh-rsa" signature type is now disabled by default in OpenSSH. While The SSH protocol confusingly uses overlapping names for key and signature algorithms, this does not stop the use of RSA keys and there is no need to regenerate "ssh-rsa" keys - most servers released in the last five years will automatically negotiate the use of RSA/SHA-256/512 signatures. This has been coming for a long time, but I do expect it will be distruptive for some people as there are likely to be some devices out there that cannot be upgraded to support the safer algorithms. In these cases, it is possible to selectively re-enable RSA/SHA1 support by specifying PubkeyAcceptedAlgorithms=+ssh-rsa in the ssh_config(5) or sshd_config(5) for the endpoint. Please report any problems here, to bugs@ or to openssh@ […]
- The "ssh-rsa" signature type is now disabled by default.
- "ssh-rsa" signatures can be selectively re-enabled if necessary.
- RSA ("ssh-rsa") keys are not affected by this change and remain valid.
(Comments are closed)