Difference between revisions of "SHA-1 (deprecated)"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
(→Status) |
||
(6 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
− | [[wikipedia:SHA-1]] | + | [[wikipedia:SHA-1]] is deprecated |
− | Disabled in OpenSSH 8.8 September 2021 | + | == Status == |
+ | * Disabled in [[OpenSSH 8.8]] September 2021 | ||
+ | * Not supported in [[Terraform changelog|Terraform]] since 1.2 (May 2022) | ||
== Attacks == | == Attacks == | ||
[[Certificates]] are at special risk to the aforementioned [[SHA1 collision]] vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief [[LoginGraceTime]] window that they have to forge a host key signature. | [[Certificates]] are at special risk to the aforementioned [[SHA1 collision]] vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief [[LoginGraceTime]] window that they have to forge a host key signature. | ||
+ | |||
+ | == Related == | ||
+ | * [[BLAKE2s]] [[Linux Kernel 5.17]] | ||
== See also == | == See also == |
Latest revision as of 06:21, 31 August 2022
wikipedia:SHA-1 is deprecated
Contents
Status[edit]
- Disabled in OpenSSH 8.8 September 2021
- Not supported in Terraform since 1.2 (May 2022)
Attacks[edit]
Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.
Related[edit]
See also[edit]
- SHA, SHA-0, SHA-1, SHA-2, SHA-3, SHA-256,
shasum, sha1sum, sha256sum, sha512sum
- OpenSSH (changelog):
/etc/ssh/sshd_config
|/etc/ssh/ssh_config
|~/.ssh/
|openSSL | sshd logs
|sftp
|scp
|authorized_keys
|ssh-keygen
|ssh-keyscan
|ssh-add
|ssh-agent
|ssh
|Ssh -O stop
|ssh-copy-id
|CheckHostIP
|UseKeychain
, OpenSSF
Advertising: