SHA-1 (deprecated)

wikipedia:SHA-1 is deprecated

Status

• Disabled in OpenSSH 8.8 September 2021
• Not supported in Terraform since 1.2 (May 2022)

Attacks

Certificates are at special risk to the aforementioned SHA1 collision vulnerability as an attacker has effectively unlimited time in which to craft a collision that yields them a valid certificate, far more than the relatively brief LoginGraceTime window that they have to forge a host key signature.

Related

• BLAKE2s Linux Kernel 5.17

See also

• SHA, SHA-0, SHA-1, SHA-2, SHA-3, SHA-256, shasum, sha1sum, sha256sum, sha512sum
• OpenSSH (changelog): /etc/ssh/sshd_config | /etc/ssh/ssh_config | ~/.ssh/ | openSSL | sshd logs | sftp | scp | authorized_keys | ssh-keygen | ssh-keyscan | ssh-add | ssh-agent | ssh | Ssh -O stop | ssh-copy-id | CheckHostIP | UseKeychain, OpenSSF