You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Michael Gorovoy (Jira)" <ji...@apache.org> on 2021/06/04 17:57:00 UTC
[jira] [Comment Edited] (SSHD-1004) Disable weak security settings
[ https://issues.apache.org/jira/browse/SSHD-1004?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17357471#comment-17357471 ]
Michael Gorovoy edited comment on SSHD-1004 at 6/4/21, 5:56 PM:
----------------------------------------------------------------
[~lgoldstein], is it possible to enable SHA1 fallback in embedded SSHD server for legacy SSH Clients? Does it require rebuilding the artifacts? Could you please provide instructions on how this could be accomplished?
was (Author: mgorovoy):
[~lgoldstein], is it possible to enable SHA1 fallback for legacy SSH Clients? Does it require rebuilding the artifacts? Could you please provide instructions on how this could be accomplished?
> Disable weak security settings
> ------------------------------
>
> Key: SSHD-1004
> URL: https://issues.apache.org/jira/browse/SSHD-1004
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 2.4.0
> Reporter: Lyor Goldstein
> Assignee: Lyor Goldstein
> Priority: Major
> Labels: ssh
> Fix For: 2.6.0
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> [OpenSSH to deprecate SHA-1 logins due to security risk|https://www.zdnet.com/article/openssh-to-deprecate-sha-1-logins-due-to-security-risk/]
> Including {{hmac-md5, hmac-ripemd160}} and also {{ssh-rsa}} and {{ssh-dss}} key exchanges. For the time being we will not include them by default but leave the code in place in case users still need them
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@mina.apache.org
For additional commands, e-mail: dev-help@mina.apache.org