diff options
author | Hans Nilsson <hans@erlang.org> | 2020-03-19 09:17:26 +0100 |
---|---|---|
committer | Hans Nilsson <hans@erlang.org> | 2020-03-19 09:17:26 +0100 |
commit | 77bd840759582aac6593cecfcdb2a1339d967fb9 (patch) | |
tree | 7f373e27bd110fc4af12adea9fbdfe7d65c5cfa2 | |
parent | c82e70862e5e1da2de12dc41e827aa0c1bb791b7 (diff) | |
parent | ee327399ef25902c272ad5e3ce12749ad567f0b8 (diff) | |
download | erlang-77bd840759582aac6593cecfcdb2a1339d967fb9.tar.gz |
Merge branch 'hans/ssh/deprecate_ssh-rsa/OTP-16511'
* hans/ssh/deprecate_ssh-rsa/OTP-16511:
ssh: Deprecate ssh-rsa
ssh: Put ssh-rsa last
-rw-r--r-- | lib/ssh/doc/src/ssh_app.xml | 2 | ||||
-rw-r--r-- | lib/ssh/src/ssh_transport.erl | 4 | ||||
-rw-r--r-- | system/doc/general_info/deprecations_23.inc | 8 |
3 files changed, 11 insertions, 3 deletions
diff --git a/lib/ssh/doc/src/ssh_app.xml b/lib/ssh/doc/src/ssh_app.xml index 87faf203ae..6e8fedab9a 100644 --- a/lib/ssh/doc/src/ssh_app.xml +++ b/lib/ssh/doc/src/ssh_app.xml @@ -181,9 +181,9 @@ <item>ecdsa-sha2-nistp256</item> <item>ssh-ed25519</item> <item>ssh-ed448</item> - <item>ssh-rsa</item> <item>rsa-sha2-256</item> <item>rsa-sha2-512</item> + <item>ssh-rsa</item> <item>ssh-dss</item> </list> </item> diff --git a/lib/ssh/src/ssh_transport.erl b/lib/ssh/src/ssh_transport.erl index 2cad1bced1..8a688fcd4a 100644 --- a/lib/ssh/src/ssh_transport.erl +++ b/lib/ssh/src/ssh_transport.erl @@ -150,10 +150,10 @@ supported_algorithms(public_key) -> {'ecdsa-sha2-nistp256', [{public_keys,ecdsa}, {hashs,sha256}, {curves,secp256r1}]}, {'ssh-ed25519', [{public_keys,eddsa}, {curves,ed25519} ]}, {'ssh-ed448', [{public_keys,eddsa}, {curves,ed448} ]}, - {'ssh-rsa', [{public_keys,rsa}, {hashs,sha} ]}, {'rsa-sha2-256', [{public_keys,rsa}, {hashs,sha256} ]}, {'rsa-sha2-512', [{public_keys,rsa}, {hashs,sha512} ]}, - {'ssh-dss', [{public_keys,dss}, {hashs,sha} ]} % Gone in OpenSSH 7.3.p1 + {'ssh-dss', [{public_keys,dss}, {hashs,sha} ]}, % Gone in OpenSSH 7.3.p1 + {'ssh-rsa', [{public_keys,rsa}, {hashs,sha} ]} ]); supported_algorithms(cipher) -> diff --git a/system/doc/general_info/deprecations_23.inc b/system/doc/general_info/deprecations_23.inc index dace484bb8..8d92f63d76 100644 --- a/system/doc/general_info/deprecations_23.inc +++ b/system/doc/general_info/deprecations_23.inc @@ -17,6 +17,14 @@ </section> <section> + <title>ssh</title> + <p>The public key algorithm <c>'ssh-rsa</c> is regarded as insecure due + to its usage of SHA1, and is therfore deprecated. + It will not be available by default from OTP-24. + </p> + </section> + + <section> <title>pg2</title> <p> As of OTP 23, a new process group implementation |