Difference between revisions of "SHA-1 (deprecated)"
Jump to navigation
Jump to search
| Line 6: | Line 6: | ||
== See also == | == See also == | ||
* {{sha}} | * {{sha}} | ||
| + | * {{OpenSSH}} | ||
[[Category:Security]] | [[Category:Security]] | ||
Revision as of 05:38, 18 August 2021
Attacks
Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.
See also
- SHA, SHA-0, SHA-1, SHA-2, SHA-3, SHA-256,
shasum, sha1sum, sha256sum, sha512sum - OpenSSH (changelog):
/etc/ssh/sshd_config|/etc/ssh/ssh_config|~/.ssh/|openSSL | sshd logs|sftp|scp|authorized_keys|ssh-keygen|ssh-keyscan|ssh-add|ssh-agent|ssh|Ssh -O stop|ssh-copy-id|CheckHostIP|UseKeychain, OpenSSF
Advertising:
