[SSHD-1004] Disable weak security settings - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.4.0
Fix Version/s: 2.6.0
Labels:
- ssh

Flags:

Important

Description

OpenSSH to deprecate SHA-1 logins due to security risk

Including hmac-md5, hmac-ripemd160 and also ssh-rsa and ssh-dss key exchanges. For the time being we will not include them by default but leave the code in place in case users still need them

Attachments

Issue Links

links to

OpenSSH release 8.3

rfc7465- Prohibiting RC4 Cipher Suites

rfc8429 - Deprecate Triple-DES (3DES) and RC4 in Kerberos

rfc8758 - Deprecating RC4 in Secure Shell

Activity

People

Assignee:: Lyor Goldstein

Reporter:: Lyor Goldstein

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 27/May/20 19:41

Updated:: 04/Jun/21 18:14

Resolved:: 01/Aug/20 08:14

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

0.5h