Difference between revisions of "SHA-1 (deprecated)"
Jump to navigation
Jump to search
Tags: Mobile web edit, Mobile edit |
|||
Line 6: | Line 6: | ||
== Attacks == | == Attacks == | ||
[[Certificates]] are at special risk to the aforementioned [[SHA1 collision]] vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief [[LoginGraceTime]] window that they have to forge a host key signature. | [[Certificates]] are at special risk to the aforementioned [[SHA1 collision]] vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief [[LoginGraceTime]] window that they have to forge a host key signature. | ||
+ | |||
+ | == Related == | ||
+ | * [[BLAKE2s]] [[Linux Kernel 5.18]] | ||
== See also == | == See also == |
Revision as of 07:35, 30 March 2022
wikipedia:SHA-1 is deprecated
Contents
Status
Disabled in OpenSSH 8.8 September 2021
Attacks
Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.
Related
See also
- SHA, SHA-0, SHA-1, SHA-2, SHA-3, SHA-256,
shasum, sha1sum, sha256sum, sha512sum
- OpenSSH (changelog):
/etc/ssh/sshd_config
|/etc/ssh/ssh_config
|~/.ssh/
|openSSL | sshd logs
|sftp
|scp
|authorized_keys
|ssh-keygen
|ssh-keyscan
|ssh-add
|ssh-agent
|ssh
|Ssh -O stop
|ssh-copy-id
|CheckHostIP
|UseKeychain
, OpenSSF
Advertising: