Volker Voßkämper created KARAF-7807:
---------------------------------------
Summary: Howto disable use of ssh-rsa in integrated Mina SSHD
Key: KARAF-7807
URL: https://issues.apache.org/jira/browse/KARAF-7807
Project: Karaf
Issue Type: Task
Components: karaf
Affects Versions: 4.4.3
Reporter: Volker Voßkämper
In OpenSSH you can disable ssh-rsa and use only rsa-sha2-256 and rsa-sha2-512
by using
in /etc/ssh/sshd_config:
{code:java}
HostKeyAlgorithms rsa-sha2-256,rsa-sha2-512 {code}
but the Karaf docs [https://karaf.apache.org/manual/latest/remote]
only have this option:
{code:java}
#
# Self defined key size in 1024, 2048, 3072, or 4096
# If not set, this defaults to 2048.
#
# keySize = 2048
#
# Specify host key algorithm, defaults to RSA
#
# algorithm = RSA
{code}
How to remove ssh-rsa which means a ssh session using SHA1 hash to check the
key.
This is a scurity issue.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
