plan9fox/sys
kemal 1a444750d6 ssh: use RSA/SHA-256 instead of RSA/SHA-1 as the public key algorithm
openssh now disables RSA/SHA-1 by default, so using RSA/SHA-1 will
eventually cause us problems:

https://undeadly.org/cgi?action=article;sid=20210830113413

in addition, github will disable RSA/SHA-1 for recently added RSA keys:

https://github.blog/2021-09-01-improving-git-protocol-security-github/

this patch modifies ssh.c to use RSA/SHA-256 (aka rsa-sha2-256)
instead of RSA/SHA-1 (aka ssh-rsa) as the public key algorithm.

NOTE: public rsa keys and thumbprints are ***NOT AFFECTED***
by this patch.

while we're here, remove the workaround for github.com. it seems
that github has fixed their implementation, and does not look into
macalgs when we're using an aead cipher.
---
2021-09-02 13:28:48 +00:00
..
doc /sys/doc: fix mkfile to and remove files that now can be regenerated 2017-05-09 16:23:48 +02:00
games/lib fortunes: unremove 2021-07-08 15:47:49 +00:00
include qsort: ...forgot to include headers in the commit. 2021-08-11 13:10:14 +00:00
lib git: better handling of absolute paths, regex metachars 2021-08-17 04:31:15 +00:00
man joy(1): fix typo (thanks lyndon) 2021-09-01 23:30:52 +00:00
src ssh: use RSA/SHA-256 instead of RSA/SHA-1 as the public key algorithm 2021-09-02 13:28:48 +00:00