Difference between revisions of "SHA-1 (deprecated)"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
(→Status) |
||
| (3 intermediate revisions by 2 users not shown) | |||
| Line 2: | Line 2: | ||
== Status == | == Status == | ||
| − | Disabled in [[OpenSSH 8.8]] September 2021 | + | * Disabled in [[OpenSSH 8.8]] September 2021 |
| + | * Not supported in [[Terraform changelog|Terraform]] since 1.2 (May 2022) | ||
== Attacks == | == Attacks == | ||
| Line 8: | Line 9: | ||
== Related == | == Related == | ||
| − | * [[BLAKE2s]] [[Linux Kernel 5. | + | * [[BLAKE2s]] [[Linux Kernel 5.17]] |
== See also == | == See also == | ||
Latest revision as of 06:21, 31 August 2022
wikipedia:SHA-1 is deprecated
Contents
Status[edit]
- Disabled in OpenSSH 8.8 September 2021
- Not supported in Terraform since 1.2 (May 2022)
Attacks[edit]
Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.
Related[edit]
See also[edit]
- SHA, SHA-0, SHA-1, SHA-2, SHA-3, SHA-256,
shasum, sha1sum, sha256sum, sha512sum - OpenSSH (changelog):
/etc/ssh/sshd_config|/etc/ssh/ssh_config|~/.ssh/|openSSL | sshd logs|sftp|scp|authorized_keys|ssh-keygen|ssh-keyscan|ssh-add|ssh-agent|ssh|Ssh -O stop|ssh-copy-id|CheckHostIP|UseKeychain, OpenSSF
Advertising:
