Skip to content

Commit

Permalink
ssh: prefer sha256 based RSA key algorithms
Browse files Browse the repository at this point in the history 
sha256 is more optimized than sha512 in Go and is secure enough
so prefer sha256 over sha512.

Change-Id: I3fcf7457791e3ef4539e97049aa905dcd293499d
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/507556
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
Auto-Submit: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
  • Loading branch information
@drakkan @gopherbot
drakkan authored and gopherbot committed Jul 14, 2023
1 parent 5df3b59 commit 3f8f064
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions ssh/common.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,12 +70,12 @@ var preferredKexAlgos = []string{
// supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
// of authenticating servers) in preference order.
var supportedHostKeyAlgos = []string{
CertAlgoRSASHA512v01, CertAlgoRSASHA256v01,
CertAlgoRSASHA256v01, CertAlgoRSASHA512v01,
CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01,
CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01,

KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
KeyAlgoRSASHA512, KeyAlgoRSASHA256,
KeyAlgoRSASHA256, KeyAlgoRSASHA512,
KeyAlgoRSA, KeyAlgoDSA,

KeyAlgoED25519,
Expand Down

0 comments on commit 3f8f064

Please sign in to comment.