[
https://issues.apache.org/jira/browse/KARAF-7807?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jean-Baptiste Onofré updated KARAF-7807:
----------------------------------------
Target Version/s: 4.4.7
> Howto disable use of ssh-rsa in integrated Mina SSHD
> ----------------------------------------------------
>
> Key: KARAF-7807
> URL: https://issues.apache.org/jira/browse/KARAF-7807
> Project: Karaf
> Issue Type: Task
> Components: karaf
> Affects Versions: 4.4.3
> Reporter: Volker Voßkämper
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Labels: security
>
> In OpenSSH you can disable ssh-rsa and use only rsa-sha2-256 and rsa-sha2-512
> by using in /etc/ssh/sshd_config:
> {code:java}
> HostKeyAlgorithms rsa-sha2-256,rsa-sha2-512
> {code}
> but the Karaf docs [https://karaf.apache.org/manual/latest/remote]
> only have this option:
> {code:java}
> #
> # Self defined key size in 1024, 2048, 3072, or 4096
> # If not set, this defaults to 2048.
> #
> # keySize = 2048
> #
> # Specify host key algorithm, defaults to RSA
> #
> # algorithm = RSA
> {code}
> How to remove ssh-rsa, which means an ssh session using a SHA1 hash to check the
> key?
> This is a security issue.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
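
One way to verify what a server actually advertises, as an added example that is not part of the issue or of Karaf's code: it parses the `server_host_key_algorithms` name-list out of an SSH_MSG_KEXINIT payload (RFC 4253, section 7.1) and reports the SHA-1 based entries such as ssh-rsa. The function names are hypothetical and the sample payloads are constructed inline.

```python
import struct

SSH_MSG_KEXINIT = 20
# RFC 4253 section 7.1: the ten name-lists, in wire order
FIELDS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_c2s", "encryption_s2c", "mac_c2s", "mac_s2c",
    "compression_c2s", "compression_s2c", "languages_c2s", "languages_s2c",
)
# Host key algorithms whose signatures are computed over a SHA-1 hash
SHA1_HOST_KEY_ALGS = {"ssh-rsa", "ssh-dss"}

def parse_kexinit(payload: bytes) -> dict:
    """Parse a KEXINIT payload (binary packet framing already removed)."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    offset, lists = 17, {}  # skip message type byte and 16-byte cookie
    for name in FIELDS:
        if offset + 4 > len(payload):
            raise ValueError("truncated before length of " + name)
        (length,) = struct.unpack_from(">I", payload, offset)
        offset += 4
        if offset + length > len(payload):
            raise ValueError("truncated inside " + name)
        raw = payload[offset:offset + length].decode("ascii")
        lists[name] = raw.split(",") if raw else []
        offset += length
    return lists

def sha1_host_key_algorithms(payload: bytes) -> list:
    """Return the offered host key algorithms that rely on SHA-1."""
    offered = parse_kexinit(payload)["server_host_key_algorithms"]
    return [alg for alg in offered if alg in SHA1_HOST_KEY_ALGS]

def build_kexinit(host_key_algs: list) -> bytes:
    """Constructed sample payload; only the host key list varies."""
    values = ["curve25519-sha256", ",".join(host_key_algs), "aes128-ctr",
              "aes128-ctr", "hmac-sha2-256", "hmac-sha2-256", "none", "none", "", ""]
    body = b"".join(struct.pack(">I", len(v)) + v.encode("ascii") for v in values)
    # zero cookie, first_kex_packet_follows = false, reserved uint32 = 0
    return bytes([SSH_MSG_KEXINIT]) + bytes(16) + body + b"\x00" + bytes(4)

if __name__ == "__main__":
    for algs in (["rsa-sha2-512", "rsa-sha2-256", "ssh-rsa"],
                 ["rsa-sha2-256", "rsa-sha2-512"]):
        print(algs, "->", sha1_host_key_algorithms(build_kexinit(algs)) or "no SHA-1")
```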