🐘🐘 Humpleupagus 🐘🐘 (nprofile…0vf6) Sir Anthony Bacon (nprofile…grcp) Disinformation Purveyor :verified_think: (nprofile…p0kj)
It's SHA-1 that's deprecated, not SHA as a whole. Pretty sure ssh-keygen hasn't been using SHA-1 for a long time now. SHA-2 was published in 2001 and SHA-3 in 2015. I think ssh-keygen still uses SHA-2 (specifically SHA-256) but I'm not sure.
To be honest I'm not clear on where exactly the hashing algorithm comes into play in private/public key based authentication with SSH, so I can't tell which of the hashing related defaults mentioned in the man page of ssh-keygen applies here. It mentions sha256 in some place and sha512 in some other place as being the default. It mentions "SHA1" somewhere as an option and says it's not recommended.
Taylan (Now 18% More Deranged) /
npub1uz…7hsyy
2024-12-12 13:30:46
in reply to nevent1q…gzjs
Author Public Key
npub1uzcsm7540llpxa2mk3ajkcz8r62sghjkveqjvnq2xcykhfuxfxtq77hsyyPublished at
2024-12-12 13:30:46Event JSON
{
"id": "edd8fa6b7fd57da639b03130c49c74eab0aecba019e8b7632b64c316ccf41a0a",
"pubkey": "e0b10dfa957ffe13755bb47b2b60471e95045e566641264c0a36096ba7864996",
"created_at": 1734010246,
"kind": 1,
"tags": [
[
"p",
"eb94e902217523a07f5a8d3a07f690019df60b28e233a5daf6a6da205499117d",
"wss://relay.mostr.pub"
],
[
"p",
"7613a80e5e8ef9d80734bb08cceba9d642a8e8c20313908f52ab38bae0f3b4b5",
"wss://relay.mostr.pub"
],
[
"p",
"f74c940c7bae34de0102b62cdd4dac9fd1ffcb9b2d4b5cc7609ed850f5db0057",
"wss://relay.mostr.pub"
],
[
"e",
"ad060592c3d664b3c4ca40c34def8852f1a58c2eebefd05e2605ad60f81b6466",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://fedi.feministwiki.org/objects/3265b44a-b903-419b-be59-a096b7ecceae",
"activitypub"
]
],
"content": "nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqaw2wjq3pw536ql6635aq0a5sqxwlvzeguge6tkhk5mdzq4yez97s3q0vf6 nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqwcf6srj73muaspe5hvyve6af6ep236xzqvfepr6j4vut4c8nkj6sj2grcp nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpq7axfgrrm4c6duqgzkckd6ndvnlglljum9494e3mqnmv9pawmqptsk2p0kj \n\nIt's SHA-1 that's deprecated, not SHA as a whole. Pretty sure ssh-keygen hasn't been using SHA-1 for a long time now. SHA-2 was published in 2001 and SHA-3 in 2015. I think ssh-keygen still uses SHA-2 (specifically SHA-256) but I'm not sure.\n\nTo be honest I'm not clear on where exactly the hashing algorithm comes into play in private/public key based authentication with SSH, so I can't tell which of the hashing related defaults mentioned in the man page of ssh-keygen applies here. It mentions sha256 in some place and sha512 in some other place as being the default. It mentions \"SHA1\" somewhere as an option and says it's not recommended.",
"sig": "96247a01ee7983f67dcdc578667a7e7b77ab3b0fd2e50c310f76f13de6b45ef6a2b51cd481b33796bd8db4424f389934985e0eaed4e0014a49b3093743e44c5e"
}