On Dec 13, 2023, Jacob Bachmeyer <jcb62...@gmail.com> wrote: > This is a pet peeve of mine: unless you have a citation for an actual > viable attack on RSA as used in SSH, or perhaps on the protocol SSH > uses for RSA-based authentication
AFAIK, ssh-rsa relies on SHA1 and SHA1 is weakening. Labeling it as 'insecure', like I did, was probably an exaggeration, but there seems to be good reason to phase it out proactively rather than reactively. Thanks for keeping me honest ;-) -- Alexandre Oliva, happy hacker https://FSFLA.org/blogs/lxo/ Free Software Activist GNU Toolchain Engineer Disinformation flourishes because many people care deeply about injustice but very few check the facts. Think Assange & Stallman. The empires strike back _______________________________________________ cfarm-users mailing list cfarm-users@lists.tetaneutral.net https://lists.tetaneutral.net/listinfo/cfarm-users
