[ssh_x509] x509v3-ssh-rsa not working when server disable x509v3-rsa2048-sha256

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Wed Oct 6 17:49:17 EEST 2021

On Wed, Oct 6, 2021 at 8:36 AM <ssh_x509 at roumenpetrov.info> wrote:
> ...
> So my query is - when i disable 'x509v3-rsa2048-sha256' in server side
> - but client supports it - why it fails ? My expectation is
> x509v3-ssh-rsa should be chosen and should work good.

What remains in x509v3-ssh-rsa after x509v3-rsa2048-sha256 is disabled?

OpenSSH v8.8 removed RSA/SHA1. From https://www.openssh.com/releasenotes.html:

    This release disables RSA signatures using the
    SHA-1 hash algorithm by default. This change
    has been made as the SHA-1 hash algorithm
    is cryptographically broken, and it is possible
    to create chosen-prefix hash collisions
    for <USD$50K

'ssh -Q' is not very helpful. It does not provide hash algorithms.

    $ ssh -Q key | grep -i rsa
    ssh-rsa-cert-v01 at openssh.com

So, unless x509v3-ssh-rsa includes x509v3-rsa2048-sha512, then there's
nothing left to use.


More information about the ssh_x509 mailing list