[KARAF-7807] Howto disable use of ssh-rsa in integrated Mina SSHD - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 4.4.3
Fix Version/s: None
Component/s: karaf
Labels:
- security

Target Version/s:

4.4.7

Description

In OpenSSH you can disable ssh-rsa and use only rsa-sha2-256 and rsa-sha2-512 by using

in /etc/ssh/sshd_config:

HostKeyAlgorithms  rsa-sha2-256,rsa-sha2-512

but the Karaf docs https://karaf.apache.org/manual/latest/remote

only have this option:

#
# Self defined key size in 1024, 2048, 3072, or 4096
# If not set, this defaults to 2048.
#
# keySize = 2048

#
# Specify host key algorithm, defaults to RSA
#
# algorithm = RSA

How to remove ssh-rsa which means a ssh session using SHA1 hash to check the key.

This is a scurity issue.

Attachments

Activity

People

Assignee:: Jean-Baptiste Onofré

Reporter:: Volker Voßkämper

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 15/Feb/24 15:23

Updated:: 04/Apr/24 15:32