[ssh_x509] Support for x509v3-rsa2048-sha256?

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Thu May 9 18:48:22 EEST 2019


ssh_x509 at roumenpetrov.info wrote:
>   Roumen thanks for your reply. Now that you have released 12.0 with the algorithm centric code, does that mean that I could specify an x509v3-ssh-rsa with SHA256 instead of SHA1?
Theoretically yes.
Currently combinations are restricted to those 
https://securebox.termoneplus.com/man5/sshd_config.5.html#X509_Key_Algorithms_Format 
.
For RSA list could be enhanced (first in code).

> As for how other implementations, I do see there isn't much out there that supports it. I see an old question on your mailer that refers to Maverick supporting it. The only other implementation I have found is SmartFTP which I've never used before. Indeed, not a widely implemented algorithm.
ssh.com (tectia) still support only "legacy" format (authors of protocol).
vandake support legacy and "new" (rsa,dsa,no ec).
cisco implement "new" but if I remember well only for rsa (x509v3-ssh-rsa).
reflection?
f-secure may left the business (perhaps implementation was licensed from 
ssh.com).



> Thanks,Alex
[SNIP]

Roumen



More information about the ssh_x509 mailing list